1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="healthcare_v1alpha2.html">Cloud Healthcare API</a> . <a href="healthcare_v1alpha2.projects.html">projects</a> . <a href="healthcare_v1alpha2.projects.locations.html">locations</a> . <a href="healthcare_v1alpha2.projects.locations.datasets.html">datasets</a> . <a href="healthcare_v1alpha2.projects.locations.datasets.fhirStores.html">fhirStores</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="healthcare_v1alpha2.projects.locations.datasets.fhirStores.fhir.html">fhir()</a></code> 79</p> 80<p class="firstline">Returns the fhir Resource.</p> 81 82<p class="toc_element"> 83 <code><a href="healthcare_v1alpha2.projects.locations.datasets.fhirStores.securityLabels.html">securityLabels()</a></code> 84</p> 85<p class="firstline">Returns the securityLabels Resource.</p> 86 87<p class="toc_element"> 88 <code><a href="#capabilities">capabilities(name, x__xgafv=None)</a></code></p> 89<p class="firstline">Gets the FHIR [capability</p> 90<p class="toc_element"> 91 <code><a href="#create">create(parent, body, fhirStoreId=None, x__xgafv=None)</a></code></p> 92<p class="firstline">Creates a new FHIR store within the parent dataset.</p> 93<p class="toc_element"> 94 <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p> 95<p class="firstline">Deletes the specified FHIR store and removes all resources within it.</p> 96<p class="toc_element"> 97 <code><a href="#export">export(name, body, x__xgafv=None)</a></code></p> 98<p class="firstline">Export resources from the FHIR store to the specified destination.</p> 99<p class="toc_element"> 100 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 101<p class="firstline">Gets the configuration of the specified FHIR store.</p> 102<p class="toc_element"> 103 <code><a href="#getIamPolicy">getIamPolicy(resource, x__xgafv=None)</a></code></p> 104<p class="firstline">Gets the access control policy for a FHIR store or security label within a</p> 105<p class="toc_element"> 106 <code><a href="#import_">import_(name, body, x__xgafv=None)</a></code></p> 107<p class="firstline">Import resources to the FHIR store by loading data from the specified</p> 108<p class="toc_element"> 109 <code><a href="#list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</a></code></p> 110<p class="firstline">Lists the FHIR stores in the given dataset.</p> 111<p class="toc_element"> 112 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> 113<p class="firstline">Retrieves the next page of results.</p> 114<p class="toc_element"> 115 <code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p> 116<p class="firstline">Updates the configuration of the specified FHIR store.</p> 117<p class="toc_element"> 118 <code><a href="#setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</a></code></p> 119<p class="firstline">Sets the access control policy for a FHIR store or security label within a</p> 120<p class="toc_element"> 121 <code><a href="#testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</a></code></p> 122<p class="firstline">Returns permissions that a caller has on the specified resource. If the</p> 123<h3>Method Details</h3> 124<div class="method"> 125 <code class="details" id="capabilities">capabilities(name, x__xgafv=None)</code> 126 <pre>Gets the FHIR [capability 127statement](http://hl7.org/implement/standards/fhir/STU3/capabilitystatement.html) 128for the store, which contains a description of functionality supported by 129the server. 130 131Implements the FHIR standard [capabilities 132interaction](http://hl7.org/implement/standards/fhir/STU3/http.html#capabilities). 133 134On success, the response body will contain a JSON-encoded representation 135of a `CapabilityStatement` resource. 136 137Args: 138 name: string, Name of the FHIR store to retrieve the capabilities for. (required) 139 x__xgafv: string, V1 error format. 140 Allowed values 141 1 - v1 error format 142 2 - v2 error format 143 144Returns: 145 An object of the form: 146 147 { # Message that represents an arbitrary HTTP body. It should only be used for 148 # payload formats that can't be represented as JSON, such as raw binary or 149 # an HTML page. 150 # 151 # 152 # This message can be used both in streaming and non-streaming API methods in 153 # the request as well as the response. 154 # 155 # It can be used as a top-level request field, which is convenient if one 156 # wants to extract parameters from either the URL or HTTP template into the 157 # request fields and also want access to the raw HTTP body. 158 # 159 # Example: 160 # 161 # message GetResourceRequest { 162 # // A unique request id. 163 # string request_id = 1; 164 # 165 # // The raw HTTP body is bound to this field. 166 # google.api.HttpBody http_body = 2; 167 # } 168 # 169 # service ResourceService { 170 # rpc GetResource(GetResourceRequest) returns (google.api.HttpBody); 171 # rpc UpdateResource(google.api.HttpBody) returns 172 # (google.protobuf.Empty); 173 # } 174 # 175 # Example with streaming methods: 176 # 177 # service CaldavService { 178 # rpc GetCalendar(stream google.api.HttpBody) 179 # returns (stream google.api.HttpBody); 180 # rpc UpdateCalendar(stream google.api.HttpBody) 181 # returns (stream google.api.HttpBody); 182 # } 183 # 184 # Use of this type only changes how the request and response bodies are 185 # handled, all other features will continue to work unchanged. 186 "contentType": "A String", # The HTTP Content-Type header value specifying the content type of the body. 187 "data": "A String", # The HTTP request/response body as raw binary. 188 "extensions": [ # Application specific response metadata. Must be set in the first response 189 # for streaming APIs. 190 { 191 "a_key": "", # Properties of the object. Contains field @type with type URL. 192 }, 193 ], 194 }</pre> 195</div> 196 197<div class="method"> 198 <code class="details" id="create">create(parent, body, fhirStoreId=None, x__xgafv=None)</code> 199 <pre>Creates a new FHIR store within the parent dataset. 200 201Args: 202 parent: string, The name of the dataset this FHIR store belongs to. (required) 203 body: object, The request body. (required) 204 The object takes the form of: 205 206{ # Represents a FHIR store. 207 "enableHistoryImport": True or False, # Whether to allow the bulk import API to accept history bundles and directly 208 # insert historical resource versions into the FHIR store. Importing resource 209 # histories creates resource interactions that appear to have occurred in the 210 # past, which clients may not want to allow. If set to false, history bundles 211 # within an import will fail with an error. 212 "name": "A String", # Output only. Resource name of the FHIR store, of the form 213 # `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. 214 "labels": { # User-supplied key-value pairs used to organize FHIR stores. 215 # 216 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 217 # of maximum 128 bytes, and must conform to the 218 # following PCRE regular expression: 219 # \p{Ll}\p{Lo}{0,62} 220 # 221 # Label values are optional, must be between 1 and 63 characters long, have 222 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 223 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 224 # 225 # No more than 64 labels can be associated with a given store. 226 "a_key": "A String", 227 }, 228 "enableUpdateCreate": True or False, # Whether this FHIR store has the [updateCreate 229 # capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). 230 # This determines if the client can use an Update operation to create a new 231 # resource with a client-specified ID. If false, all IDs are server-assigned 232 # through the Create operation and attempts to Update a non-existent resource 233 # will return errors. Please treat the audit logs with appropriate levels of 234 # care if client-specified resource IDs contain sensitive data such as 235 # patient identifiers, those IDs will be part of the FHIR resource path 236 # recorded in Cloud audit logs and Cloud Pub/Sub notifications. 237 "notificationConfig": { # Specifies where notifications should be sent upon changes to a data store. # If non-empty, publish all resource modifications of this FHIR store to 238 # this destination. The Cloud Pub/Sub message attributes will contain a map 239 # with a string describing the action that has triggered the notification, 240 # e.g. "action":"CreateResource". 241 "pubsubTopic": "A String", # The [Cloud Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that 242 # notifications of changes are published on. Supplied by the client. 243 # PubsubMessage.Data will contain the resource name. 244 # PubsubMessage.MessageId is the ID of this message. It is guaranteed to be 245 # unique within the topic. 246 # PubsubMessage.PublishTime is the time at which the message was published. 247 # Notifications are only sent if the topic is 248 # non-empty. [Topic 249 # names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped 250 # to a project. cloud-healthcare@system.gserviceaccount.com must have 251 # publisher permissions on the given Cloud Pub/Sub topic. Not having adequate 252 # permissions will cause the calls that send notifications to fail. 253 }, 254 "streamConfigs": [ # A list of streaming configs that configure the destinations of streaming 255 # export for every resource mutation in this FHIR store. Each store is 256 # allowed to have up to 10 streaming configs. 257 # After a new config is added, the next resource mutation will be streamed to 258 # the new location in addition to the existing ones. 259 # When a location is removed from the list, the server will simply stop 260 # streaming to that location. Before adding a new config, you must add the 261 # required 262 # [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) 263 # role to your project's **Cloud Healthcare Service Agent** 264 # [service account](https://cloud.google.com/iam/docs/service-accounts). 265 # Some lag (typically on the order of dozens of seconds) is expected before 266 # the results show up in the streaming destination. 267 { # This structure contains configuration for streaming FHIR export. 268 "bigqueryDestination": { # The configuration for exporting to BigQuery. # The destination BigQuery structure that contains both the dataset 269 # location and corresponding schema config. 270 # The output will be organized in one table per resource type. 271 # The server will inspect and potentially create new tables (if they 272 # don't exist) in the given BigQuery dataset. 273 # Results will be appended to the corresponding BigQuery tables. 274 # The views of the latest snapshot will also be automatically created in 275 # the dataset. 276 "datasetUri": "A String", # BigQuery URI to a dataset, up to 2000 characters long, in the format 277 # `bq://projectId.bqDatasetId` 278 "schemaConfig": { # Configuration for the FHIR BigQuery and Cloud Storage schema. Determines # The configuration for the exported BigQuery schema. 279 # how the server generates the schema. 280 "schemaType": "A String", # Specifies the output schema type. If unspecified, the default is 281 # `LOSSLESS`. 282 "recursiveStructureDepth": "A String", # The depth for all recursive structures in the output analytics 283 # schema. For example, `concept` in the CodeSystem resource is a recursive 284 # structure; when the depth is 2, the CodeSystem table will have a column 285 # called `concept.concept` but not `concept.concept.concept`. If not 286 # specified or set to 0, the server will use the default value 2. 287 }, 288 }, 289 "resourceTypes": [ # Supply a FHIR resource type (such as "Patient" or "Observation"). 290 # See https://www.hl7.org/fhir/valueset-resource-types.html for a list of 291 # all FHIR resource types. 292 # The server will treat an empty list as an intent to stream all the 293 # supported resource types in this FHIR store. 294 "A String", 295 ], 296 }, 297 ], 298 "disableReferentialIntegrity": True or False, # Whether to disable referential integrity in this FHIR store. This field is 299 # immutable after FHIR store creation. 300 # The default value is false, meaning that the API will enforce referential 301 # integrity and fail the requests that will result in inconsistent state in 302 # the FHIR store. 303 # When this field is set to true, the API will skip referential integrity 304 # check. Consequently, operations that rely on references, such as 305 # GetPatientEverything, will not return all the results if broken references 306 # exist. 307 "disableResourceVersioning": True or False, # Whether to disable resource versioning for this FHIR store. This field can 308 # not be changed after the creation of FHIR store. 309 # If set to false, which is the default behavior, all write operations will 310 # cause historical versions to be recorded automatically. The historical 311 # versions can be fetched through the history APIs, but cannot be updated. 312 # If set to true, no historical versions will be kept. The server will send 313 # back errors for attempts to read the historical versions. 314} 315 316 fhirStoreId: string, The ID of the FHIR store that is being created. 317The string must match the following regex: `[\p{L}\p{N}_\-\.]{1,256}`. 318 x__xgafv: string, V1 error format. 319 Allowed values 320 1 - v1 error format 321 2 - v2 error format 322 323Returns: 324 An object of the form: 325 326 { # Represents a FHIR store. 327 "enableHistoryImport": True or False, # Whether to allow the bulk import API to accept history bundles and directly 328 # insert historical resource versions into the FHIR store. Importing resource 329 # histories creates resource interactions that appear to have occurred in the 330 # past, which clients may not want to allow. If set to false, history bundles 331 # within an import will fail with an error. 332 "name": "A String", # Output only. Resource name of the FHIR store, of the form 333 # `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. 334 "labels": { # User-supplied key-value pairs used to organize FHIR stores. 335 # 336 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 337 # of maximum 128 bytes, and must conform to the 338 # following PCRE regular expression: 339 # \p{Ll}\p{Lo}{0,62} 340 # 341 # Label values are optional, must be between 1 and 63 characters long, have 342 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 343 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 344 # 345 # No more than 64 labels can be associated with a given store. 346 "a_key": "A String", 347 }, 348 "enableUpdateCreate": True or False, # Whether this FHIR store has the [updateCreate 349 # capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). 350 # This determines if the client can use an Update operation to create a new 351 # resource with a client-specified ID. If false, all IDs are server-assigned 352 # through the Create operation and attempts to Update a non-existent resource 353 # will return errors. Please treat the audit logs with appropriate levels of 354 # care if client-specified resource IDs contain sensitive data such as 355 # patient identifiers, those IDs will be part of the FHIR resource path 356 # recorded in Cloud audit logs and Cloud Pub/Sub notifications. 357 "notificationConfig": { # Specifies where notifications should be sent upon changes to a data store. # If non-empty, publish all resource modifications of this FHIR store to 358 # this destination. The Cloud Pub/Sub message attributes will contain a map 359 # with a string describing the action that has triggered the notification, 360 # e.g. "action":"CreateResource". 361 "pubsubTopic": "A String", # The [Cloud Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that 362 # notifications of changes are published on. Supplied by the client. 363 # PubsubMessage.Data will contain the resource name. 364 # PubsubMessage.MessageId is the ID of this message. It is guaranteed to be 365 # unique within the topic. 366 # PubsubMessage.PublishTime is the time at which the message was published. 367 # Notifications are only sent if the topic is 368 # non-empty. [Topic 369 # names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped 370 # to a project. cloud-healthcare@system.gserviceaccount.com must have 371 # publisher permissions on the given Cloud Pub/Sub topic. Not having adequate 372 # permissions will cause the calls that send notifications to fail. 373 }, 374 "streamConfigs": [ # A list of streaming configs that configure the destinations of streaming 375 # export for every resource mutation in this FHIR store. Each store is 376 # allowed to have up to 10 streaming configs. 377 # After a new config is added, the next resource mutation will be streamed to 378 # the new location in addition to the existing ones. 379 # When a location is removed from the list, the server will simply stop 380 # streaming to that location. Before adding a new config, you must add the 381 # required 382 # [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) 383 # role to your project's **Cloud Healthcare Service Agent** 384 # [service account](https://cloud.google.com/iam/docs/service-accounts). 385 # Some lag (typically on the order of dozens of seconds) is expected before 386 # the results show up in the streaming destination. 387 { # This structure contains configuration for streaming FHIR export. 388 "bigqueryDestination": { # The configuration for exporting to BigQuery. # The destination BigQuery structure that contains both the dataset 389 # location and corresponding schema config. 390 # The output will be organized in one table per resource type. 391 # The server will inspect and potentially create new tables (if they 392 # don't exist) in the given BigQuery dataset. 393 # Results will be appended to the corresponding BigQuery tables. 394 # The views of the latest snapshot will also be automatically created in 395 # the dataset. 396 "datasetUri": "A String", # BigQuery URI to a dataset, up to 2000 characters long, in the format 397 # `bq://projectId.bqDatasetId` 398 "schemaConfig": { # Configuration for the FHIR BigQuery and Cloud Storage schema. Determines # The configuration for the exported BigQuery schema. 399 # how the server generates the schema. 400 "schemaType": "A String", # Specifies the output schema type. If unspecified, the default is 401 # `LOSSLESS`. 402 "recursiveStructureDepth": "A String", # The depth for all recursive structures in the output analytics 403 # schema. For example, `concept` in the CodeSystem resource is a recursive 404 # structure; when the depth is 2, the CodeSystem table will have a column 405 # called `concept.concept` but not `concept.concept.concept`. If not 406 # specified or set to 0, the server will use the default value 2. 407 }, 408 }, 409 "resourceTypes": [ # Supply a FHIR resource type (such as "Patient" or "Observation"). 410 # See https://www.hl7.org/fhir/valueset-resource-types.html for a list of 411 # all FHIR resource types. 412 # The server will treat an empty list as an intent to stream all the 413 # supported resource types in this FHIR store. 414 "A String", 415 ], 416 }, 417 ], 418 "disableReferentialIntegrity": True or False, # Whether to disable referential integrity in this FHIR store. This field is 419 # immutable after FHIR store creation. 420 # The default value is false, meaning that the API will enforce referential 421 # integrity and fail the requests that will result in inconsistent state in 422 # the FHIR store. 423 # When this field is set to true, the API will skip referential integrity 424 # check. Consequently, operations that rely on references, such as 425 # GetPatientEverything, will not return all the results if broken references 426 # exist. 427 "disableResourceVersioning": True or False, # Whether to disable resource versioning for this FHIR store. This field can 428 # not be changed after the creation of FHIR store. 429 # If set to false, which is the default behavior, all write operations will 430 # cause historical versions to be recorded automatically. The historical 431 # versions can be fetched through the history APIs, but cannot be updated. 432 # If set to true, no historical versions will be kept. The server will send 433 # back errors for attempts to read the historical versions. 434 }</pre> 435</div> 436 437<div class="method"> 438 <code class="details" id="delete">delete(name, x__xgafv=None)</code> 439 <pre>Deletes the specified FHIR store and removes all resources within it. 440 441Args: 442 name: string, The resource name of the FHIR store to delete. (required) 443 x__xgafv: string, V1 error format. 444 Allowed values 445 1 - v1 error format 446 2 - v2 error format 447 448Returns: 449 An object of the form: 450 451 { # A generic empty message that you can re-use to avoid defining duplicated 452 # empty messages in your APIs. A typical example is to use it as the request 453 # or the response type of an API method. For instance: 454 # 455 # service Foo { 456 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 457 # } 458 # 459 # The JSON representation for `Empty` is empty JSON object `{}`. 460 }</pre> 461</div> 462 463<div class="method"> 464 <code class="details" id="export">export(name, body, x__xgafv=None)</code> 465 <pre>Export resources from the FHIR store to the specified destination. 466 467This method returns an Operation that can 468be used to track the status of the export by calling 469GetOperation. 470 471Immediate fatal errors appear in the 472error field. 473Otherwise, when the operation finishes, a detailed response of type 474ExportResourcesResponse is returned in the 475response field. 476The metadata field type for this 477operation is OperationMetadata. 478 479Args: 480 name: string, The name of the FHIR store to export resource from. The name should be in 481the format of 482`projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. (required) 483 body: object, The request body. (required) 484 The object takes the form of: 485 486{ # Request to export resources. 487 "bigqueryDestination": { # The configuration for exporting to BigQuery. # The BigQuery output destination. 488 # 489 # The BigQuery location requires two IAM roles: 490 # `roles/bigquery.dataEditor` and `roles/bigquery.jobUser`. 491 # 492 # The output will be one BigQuery table per resource type. 493 "datasetUri": "A String", # BigQuery URI to a dataset, up to 2000 characters long, in the format 494 # `bq://projectId.bqDatasetId` 495 "schemaConfig": { # Configuration for the FHIR BigQuery and Cloud Storage schema. Determines # The configuration for the exported BigQuery schema. 496 # how the server generates the schema. 497 "schemaType": "A String", # Specifies the output schema type. If unspecified, the default is 498 # `LOSSLESS`. 499 "recursiveStructureDepth": "A String", # The depth for all recursive structures in the output analytics 500 # schema. For example, `concept` in the CodeSystem resource is a recursive 501 # structure; when the depth is 2, the CodeSystem table will have a column 502 # called `concept.concept` but not `concept.concept.concept`. If not 503 # specified or set to 0, the server will use the default value 2. 504 }, 505 }, 506 "gcsDestination": { # The configuration for exporting to Cloud Storage. # The Cloud Storage output destination. 507 # 508 # The Cloud Storage location requires the `roles/storage.objectAdmin` Cloud 509 # IAM role. 510 # 511 # The exported outputs are 512 # organized by FHIR resource types. The server will create one object per 513 # resource type. Each object contains newline delimited JSON, and each line 514 # is a FHIR resource. 515 "uriPrefix": "A String", # URI for a Cloud Storage directory where result files should be written (in 516 # the format `gs://{bucket-id}/{path/to/destination/dir}`). If there is no 517 # trailing slash, the service will append one when composing the object path. 518 # The user is responsible for creating the Cloud Storage bucket referenced in 519 # `uri_prefix`. 520 }, 521 } 522 523 x__xgafv: string, V1 error format. 524 Allowed values 525 1 - v1 error format 526 2 - v2 error format 527 528Returns: 529 An object of the form: 530 531 { # This resource represents a long-running operation that is the result of a 532 # network API call. 533 "metadata": { # Service-specific metadata associated with the operation. It typically 534 # contains progress information and common metadata such as create time. 535 # Some services might not provide such metadata. Any method that returns a 536 # long-running operation should document the metadata type, if any. 537 "a_key": "", # Properties of the object. Contains field @type with type URL. 538 }, 539 "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation. 540 # different programming environments, including REST APIs and RPC APIs. It is 541 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 542 # three pieces of data: error code, error message, and error details. 543 # 544 # You can find out more about this error model and how to work with it in the 545 # [API Design Guide](https://cloud.google.com/apis/design/errors). 546 "message": "A String", # A developer-facing error message, which should be in English. Any 547 # user-facing error message should be localized and sent in the 548 # google.rpc.Status.details field, or localized by the client. 549 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 550 "details": [ # A list of messages that carry the error details. There is a common set of 551 # message types for APIs to use. 552 { 553 "a_key": "", # Properties of the object. Contains field @type with type URL. 554 }, 555 ], 556 }, 557 "done": True or False, # If the value is `false`, it means the operation is still in progress. 558 # If `true`, the operation is completed, and either `error` or `response` is 559 # available. 560 "response": { # The normal response of the operation in case of success. If the original 561 # method returns no data on success, such as `Delete`, the response is 562 # `google.protobuf.Empty`. If the original method is standard 563 # `Get`/`Create`/`Update`, the response should be the resource. For other 564 # methods, the response should have the type `XxxResponse`, where `Xxx` 565 # is the original method name. For example, if the original method name 566 # is `TakeSnapshot()`, the inferred response type is 567 # `TakeSnapshotResponse`. 568 "a_key": "", # Properties of the object. Contains field @type with type URL. 569 }, 570 "name": "A String", # The server-assigned name, which is only unique within the same service that 571 # originally returns it. If you use the default HTTP mapping, the 572 # `name` should be a resource name ending with `operations/{unique_id}`. 573 }</pre> 574</div> 575 576<div class="method"> 577 <code class="details" id="get">get(name, x__xgafv=None)</code> 578 <pre>Gets the configuration of the specified FHIR store. 579 580Args: 581 name: string, The resource name of the FHIR store to get. (required) 582 x__xgafv: string, V1 error format. 583 Allowed values 584 1 - v1 error format 585 2 - v2 error format 586 587Returns: 588 An object of the form: 589 590 { # Represents a FHIR store. 591 "enableHistoryImport": True or False, # Whether to allow the bulk import API to accept history bundles and directly 592 # insert historical resource versions into the FHIR store. Importing resource 593 # histories creates resource interactions that appear to have occurred in the 594 # past, which clients may not want to allow. If set to false, history bundles 595 # within an import will fail with an error. 596 "name": "A String", # Output only. Resource name of the FHIR store, of the form 597 # `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. 598 "labels": { # User-supplied key-value pairs used to organize FHIR stores. 599 # 600 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 601 # of maximum 128 bytes, and must conform to the 602 # following PCRE regular expression: 603 # \p{Ll}\p{Lo}{0,62} 604 # 605 # Label values are optional, must be between 1 and 63 characters long, have 606 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 607 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 608 # 609 # No more than 64 labels can be associated with a given store. 610 "a_key": "A String", 611 }, 612 "enableUpdateCreate": True or False, # Whether this FHIR store has the [updateCreate 613 # capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). 614 # This determines if the client can use an Update operation to create a new 615 # resource with a client-specified ID. If false, all IDs are server-assigned 616 # through the Create operation and attempts to Update a non-existent resource 617 # will return errors. Please treat the audit logs with appropriate levels of 618 # care if client-specified resource IDs contain sensitive data such as 619 # patient identifiers, those IDs will be part of the FHIR resource path 620 # recorded in Cloud audit logs and Cloud Pub/Sub notifications. 621 "notificationConfig": { # Specifies where notifications should be sent upon changes to a data store. # If non-empty, publish all resource modifications of this FHIR store to 622 # this destination. The Cloud Pub/Sub message attributes will contain a map 623 # with a string describing the action that has triggered the notification, 624 # e.g. "action":"CreateResource". 625 "pubsubTopic": "A String", # The [Cloud Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that 626 # notifications of changes are published on. Supplied by the client. 627 # PubsubMessage.Data will contain the resource name. 628 # PubsubMessage.MessageId is the ID of this message. It is guaranteed to be 629 # unique within the topic. 630 # PubsubMessage.PublishTime is the time at which the message was published. 631 # Notifications are only sent if the topic is 632 # non-empty. [Topic 633 # names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped 634 # to a project. cloud-healthcare@system.gserviceaccount.com must have 635 # publisher permissions on the given Cloud Pub/Sub topic. Not having adequate 636 # permissions will cause the calls that send notifications to fail. 637 }, 638 "streamConfigs": [ # A list of streaming configs that configure the destinations of streaming 639 # export for every resource mutation in this FHIR store. Each store is 640 # allowed to have up to 10 streaming configs. 641 # After a new config is added, the next resource mutation will be streamed to 642 # the new location in addition to the existing ones. 643 # When a location is removed from the list, the server will simply stop 644 # streaming to that location. Before adding a new config, you must add the 645 # required 646 # [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) 647 # role to your project's **Cloud Healthcare Service Agent** 648 # [service account](https://cloud.google.com/iam/docs/service-accounts). 649 # Some lag (typically on the order of dozens of seconds) is expected before 650 # the results show up in the streaming destination. 651 { # This structure contains configuration for streaming FHIR export. 652 "bigqueryDestination": { # The configuration for exporting to BigQuery. # The destination BigQuery structure that contains both the dataset 653 # location and corresponding schema config. 654 # The output will be organized in one table per resource type. 655 # The server will inspect and potentially create new tables (if they 656 # don't exist) in the given BigQuery dataset. 657 # Results will be appended to the corresponding BigQuery tables. 658 # The views of the latest snapshot will also be automatically created in 659 # the dataset. 660 "datasetUri": "A String", # BigQuery URI to a dataset, up to 2000 characters long, in the format 661 # `bq://projectId.bqDatasetId` 662 "schemaConfig": { # Configuration for the FHIR BigQuery and Cloud Storage schema. Determines # The configuration for the exported BigQuery schema. 663 # how the server generates the schema. 664 "schemaType": "A String", # Specifies the output schema type. If unspecified, the default is 665 # `LOSSLESS`. 666 "recursiveStructureDepth": "A String", # The depth for all recursive structures in the output analytics 667 # schema. For example, `concept` in the CodeSystem resource is a recursive 668 # structure; when the depth is 2, the CodeSystem table will have a column 669 # called `concept.concept` but not `concept.concept.concept`. If not 670 # specified or set to 0, the server will use the default value 2. 671 }, 672 }, 673 "resourceTypes": [ # Supply a FHIR resource type (such as "Patient" or "Observation"). 674 # See https://www.hl7.org/fhir/valueset-resource-types.html for a list of 675 # all FHIR resource types. 676 # The server will treat an empty list as an intent to stream all the 677 # supported resource types in this FHIR store. 678 "A String", 679 ], 680 }, 681 ], 682 "disableReferentialIntegrity": True or False, # Whether to disable referential integrity in this FHIR store. This field is 683 # immutable after FHIR store creation. 684 # The default value is false, meaning that the API will enforce referential 685 # integrity and fail the requests that will result in inconsistent state in 686 # the FHIR store. 687 # When this field is set to true, the API will skip referential integrity 688 # check. Consequently, operations that rely on references, such as 689 # GetPatientEverything, will not return all the results if broken references 690 # exist. 691 "disableResourceVersioning": True or False, # Whether to disable resource versioning for this FHIR store. This field can 692 # not be changed after the creation of FHIR store. 693 # If set to false, which is the default behavior, all write operations will 694 # cause historical versions to be recorded automatically. The historical 695 # versions can be fetched through the history APIs, but cannot be updated. 696 # If set to true, no historical versions will be kept. The server will send 697 # back errors for attempts to read the historical versions. 698 }</pre> 699</div> 700 701<div class="method"> 702 <code class="details" id="getIamPolicy">getIamPolicy(resource, x__xgafv=None)</code> 703 <pre>Gets the access control policy for a FHIR store or security label within a 704FHIR store. Returns NOT_FOUND error if the resource does not exist. Returns 705an empty policy if the resource exists but does not have a policy set. 706 707Authorization requires the Google IAM permission 708'healthcare.fhirStores.getIamPolicy' for a FHIR store or 709'healthcare.securityLabels.getIamPolicy' for a security label 710 711Args: 712 resource: string, REQUIRED: The resource for which the policy is being requested. 713See the operation documentation for the appropriate value for this field. (required) 714 x__xgafv: string, V1 error format. 715 Allowed values 716 1 - v1 error format 717 2 - v2 error format 718 719Returns: 720 An object of the form: 721 722 { # Defines an Identity and Access Management (IAM) policy. It is used to 723 # specify access control policies for Cloud Platform resources. 724 # 725 # 726 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 727 # `members` to a `role`, where the members can be user accounts, Google groups, 728 # Google domains, and service accounts. A `role` is a named list of permissions 729 # defined by IAM. 730 # 731 # **JSON Example** 732 # 733 # { 734 # "bindings": [ 735 # { 736 # "role": "roles/owner", 737 # "members": [ 738 # "user:mike@example.com", 739 # "group:admins@example.com", 740 # "domain:google.com", 741 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 742 # ] 743 # }, 744 # { 745 # "role": "roles/viewer", 746 # "members": ["user:sean@example.com"] 747 # } 748 # ] 749 # } 750 # 751 # **YAML Example** 752 # 753 # bindings: 754 # - members: 755 # - user:mike@example.com 756 # - group:admins@example.com 757 # - domain:google.com 758 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 759 # role: roles/owner 760 # - members: 761 # - user:sean@example.com 762 # role: roles/viewer 763 # 764 # 765 # For a description of IAM and its features, see the 766 # [IAM developer's guide](https://cloud.google.com/iam/docs). 767 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 768 { # Specifies the audit configuration for a service. 769 # The configuration determines which permission types are logged, and what 770 # identities, if any, are exempted from logging. 771 # An AuditConfig must have one or more AuditLogConfigs. 772 # 773 # If there are AuditConfigs for both `allServices` and a specific service, 774 # the union of the two AuditConfigs is used for that service: the log_types 775 # specified in each AuditConfig are enabled, and the exempted_members in each 776 # AuditLogConfig are exempted. 777 # 778 # Example Policy with multiple AuditConfigs: 779 # 780 # { 781 # "audit_configs": [ 782 # { 783 # "service": "allServices" 784 # "audit_log_configs": [ 785 # { 786 # "log_type": "DATA_READ", 787 # "exempted_members": [ 788 # "user:foo@gmail.com" 789 # ] 790 # }, 791 # { 792 # "log_type": "DATA_WRITE", 793 # }, 794 # { 795 # "log_type": "ADMIN_READ", 796 # } 797 # ] 798 # }, 799 # { 800 # "service": "fooservice.googleapis.com" 801 # "audit_log_configs": [ 802 # { 803 # "log_type": "DATA_READ", 804 # }, 805 # { 806 # "log_type": "DATA_WRITE", 807 # "exempted_members": [ 808 # "user:bar@gmail.com" 809 # ] 810 # } 811 # ] 812 # } 813 # ] 814 # } 815 # 816 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 817 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 818 # bar@gmail.com from DATA_WRITE logging. 819 "auditLogConfigs": [ # The configuration for logging of each type of permission. 820 { # Provides the configuration for logging a type of permissions. 821 # Example: 822 # 823 # { 824 # "audit_log_configs": [ 825 # { 826 # "log_type": "DATA_READ", 827 # "exempted_members": [ 828 # "user:foo@gmail.com" 829 # ] 830 # }, 831 # { 832 # "log_type": "DATA_WRITE", 833 # } 834 # ] 835 # } 836 # 837 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 838 # foo@gmail.com from DATA_READ logging. 839 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 840 # permission. 841 # Follows the same format of Binding.members. 842 "A String", 843 ], 844 "logType": "A String", # The log type that this config enables. 845 }, 846 ], 847 "service": "A String", # Specifies a service that will be enabled for audit logging. 848 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 849 # `allServices` is a special value that covers all services. 850 }, 851 ], 852 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 853 # prevent simultaneous updates of a policy from overwriting each other. 854 # It is strongly suggested that systems make use of the `etag` in the 855 # read-modify-write cycle to perform policy updates in order to avoid race 856 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 857 # systems are expected to put that etag in the request to `setIamPolicy` to 858 # ensure that their change will be applied to the same version of the policy. 859 # 860 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 861 # policy is overwritten blindly. 862 "bindings": [ # Associates a list of `members` to a `role`. 863 # `bindings` with no members will result in an error. 864 { # Associates `members` with a `role`. 865 "role": "A String", # Role that is assigned to `members`. 866 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 867 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 868 # NOTE: An unsatisfied condition will not allow user access via current 869 # binding. Different bindings, including their conditions, are examined 870 # independently. 871 # 872 # title: "User account presence" 873 # description: "Determines whether the request has a user account" 874 # expression: "size(request.user) > 0" 875 "description": "A String", # An optional description of the expression. This is a longer text which 876 # describes the expression, e.g. when hovered over it in a UI. 877 "expression": "A String", # Textual representation of an expression in 878 # Common Expression Language syntax. 879 # 880 # The application context of the containing message determines which 881 # well-known feature set of CEL is supported. 882 "location": "A String", # An optional string indicating the location of the expression for error 883 # reporting, e.g. a file name and a position in the file. 884 "title": "A String", # An optional title for the expression, i.e. a short string describing 885 # its purpose. This can be used e.g. in UIs which allow to enter the 886 # expression. 887 }, 888 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 889 # `members` can have the following values: 890 # 891 # * `allUsers`: A special identifier that represents anyone who is 892 # on the internet; with or without a Google account. 893 # 894 # * `allAuthenticatedUsers`: A special identifier that represents anyone 895 # who is authenticated with a Google account or a service account. 896 # 897 # * `user:{emailid}`: An email address that represents a specific Google 898 # account. For example, `alice@gmail.com` . 899 # 900 # 901 # * `serviceAccount:{emailid}`: An email address that represents a service 902 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 903 # 904 # * `group:{emailid}`: An email address that represents a Google group. 905 # For example, `admins@example.com`. 906 # 907 # 908 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 909 # users of that domain. For example, `google.com` or `example.com`. 910 # 911 "A String", 912 ], 913 }, 914 ], 915 "version": 42, # Deprecated. 916 }</pre> 917</div> 918 919<div class="method"> 920 <code class="details" id="import_">import_(name, body, x__xgafv=None)</code> 921 <pre>Import resources to the FHIR store by loading data from the specified 922sources. Each resource must have a client-supplied ID, which is retained 923by the server. 924 925The import operation is idempotent. Upon retry, the most recent data 926(matching the client-supplied ID) is overwritten, without creating a new 927resource version. If partial failures occur during the import, successful 928changes are not rolled back. 929 930If history imports are enabled 931(enable_history_import is set in the 932FHIR store's configuration), you can import historical versions of a 933resource by supplying a bundle of type `history`. The historical versions 934in the bundle must have `lastUpdated` timestamps. If a current or 935historical version with the supplied resource ID already exists, the 936bundle is rejected. 937 938This method returns an Operation that can 939be used to track the status of the import by calling 940GetOperation. 941 942Immediate fatal errors appear in the 943error field. 944Otherwise, when the operation finishes, a detailed response of type 945ImportResourcesResponse is returned in the 946response field. 947The metadata field type for this 948operation is OperationMetadata. 949 950Args: 951 name: string, The name of the FHIR store to import FHIR resources to. The name should be 952in the format of 953`projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. (required) 954 body: object, The request body. (required) 955 The object takes the form of: 956 957{ # Request to import resources. 958 "gcsErrorDestination": { # Specifies the Cloud Storage destination where errors will be recorded. # The Cloud Storage destination to write the error report to. 959 # 960 # The Cloud Storage location requires the `roles/storage.objectAdmin` Cloud 961 # IAM role. 962 # 963 # Note that writing a file to the same destination multiple times will 964 # result in the previous version of the file being overwritten. 965 "uriPrefix": "A String", # URI for a Cloud Storage directory to which error report files should be 966 # written (in the format `gs://{bucket-id}/{path/to/destination/dir}`). If 967 # there is no trailing slash, the service will append one when composing the 968 # object path. The user is responsible for creating the Cloud Storage bucket 969 # referenced in `uri_prefix`. 970 }, 971 "contentStructure": "A String", # The content structure in the source location. If not specified, the server 972 # treats the input source files as BUNDLE. 973 "gcsSource": { # Specifies the configuration for importing data from Cloud Storage. # Cloud Storage source data location and import configuration. 974 # 975 # The Cloud Storage location requires the `roles/storage.objectViewer` 976 # Cloud IAM role. 977 # 978 # Each Cloud Storage object should be a text file that contains the format 979 # specified in ContentStructu. 980 "uri": "A String", # Points to a Cloud Storage URI containing file(s) to import. 981 # 982 # The URI must be in the following format: `gs://{bucket_id}/{object_id}`. 983 # The URI can include wildcards in `object_id` and thus identify multiple 984 # files. Supported wildcards: 985 # 986 # * `*` to match 0 or more non-separator characters 987 # * `**` to match 0 or more characters (including separators). Must be used 988 # at the end of a path and with no other wildcards in the 989 # path. Can also be used with a file extension (such as .ndjson), which 990 # imports all files with the extension in the specified directory and 991 # its sub-directories. For example, `gs://my-bucket/my-directory/**.ndjson` 992 # imports all files with `.ndjson` extensions in `my-directory/` and its 993 # sub-directories. 994 # * `?` to match 1 character 995 # 996 # Files matching the wildcard are expected to contain content only, no 997 # metadata. 998 }, 999 } 1000 1001 x__xgafv: string, V1 error format. 1002 Allowed values 1003 1 - v1 error format 1004 2 - v2 error format 1005 1006Returns: 1007 An object of the form: 1008 1009 { # This resource represents a long-running operation that is the result of a 1010 # network API call. 1011 "metadata": { # Service-specific metadata associated with the operation. It typically 1012 # contains progress information and common metadata such as create time. 1013 # Some services might not provide such metadata. Any method that returns a 1014 # long-running operation should document the metadata type, if any. 1015 "a_key": "", # Properties of the object. Contains field @type with type URL. 1016 }, 1017 "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation. 1018 # different programming environments, including REST APIs and RPC APIs. It is 1019 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 1020 # three pieces of data: error code, error message, and error details. 1021 # 1022 # You can find out more about this error model and how to work with it in the 1023 # [API Design Guide](https://cloud.google.com/apis/design/errors). 1024 "message": "A String", # A developer-facing error message, which should be in English. Any 1025 # user-facing error message should be localized and sent in the 1026 # google.rpc.Status.details field, or localized by the client. 1027 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 1028 "details": [ # A list of messages that carry the error details. There is a common set of 1029 # message types for APIs to use. 1030 { 1031 "a_key": "", # Properties of the object. Contains field @type with type URL. 1032 }, 1033 ], 1034 }, 1035 "done": True or False, # If the value is `false`, it means the operation is still in progress. 1036 # If `true`, the operation is completed, and either `error` or `response` is 1037 # available. 1038 "response": { # The normal response of the operation in case of success. If the original 1039 # method returns no data on success, such as `Delete`, the response is 1040 # `google.protobuf.Empty`. If the original method is standard 1041 # `Get`/`Create`/`Update`, the response should be the resource. For other 1042 # methods, the response should have the type `XxxResponse`, where `Xxx` 1043 # is the original method name. For example, if the original method name 1044 # is `TakeSnapshot()`, the inferred response type is 1045 # `TakeSnapshotResponse`. 1046 "a_key": "", # Properties of the object. Contains field @type with type URL. 1047 }, 1048 "name": "A String", # The server-assigned name, which is only unique within the same service that 1049 # originally returns it. If you use the default HTTP mapping, the 1050 # `name` should be a resource name ending with `operations/{unique_id}`. 1051 }</pre> 1052</div> 1053 1054<div class="method"> 1055 <code class="details" id="list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</code> 1056 <pre>Lists the FHIR stores in the given dataset. 1057 1058Args: 1059 parent: string, Name of the dataset. (required) 1060 pageToken: string, The next_page_token value returned from the previous List request, if any. 1061 x__xgafv: string, V1 error format. 1062 Allowed values 1063 1 - v1 error format 1064 2 - v2 error format 1065 pageSize: integer, Limit on the number of FHIR stores to return in a single response. If zero 1066the default page size of 100 is used. 1067 filter: string, Restricts stores returned to those matching a filter. Syntax: 1068https://cloud.google.com/appengine/docs/standard/python/search/query_strings 1069Only filtering on labels is supported, for example `labels.key=value`. 1070 1071Returns: 1072 An object of the form: 1073 1074 { # Lists the FHIR stores in the given dataset. 1075 "nextPageToken": "A String", # Token to retrieve the next page of results or empty if there are no more 1076 # results in the list. 1077 "fhirStores": [ # The returned FHIR stores. Won't be more FHIR stores than the value of 1078 # page_size in the request. 1079 { # Represents a FHIR store. 1080 "enableHistoryImport": True or False, # Whether to allow the bulk import API to accept history bundles and directly 1081 # insert historical resource versions into the FHIR store. Importing resource 1082 # histories creates resource interactions that appear to have occurred in the 1083 # past, which clients may not want to allow. If set to false, history bundles 1084 # within an import will fail with an error. 1085 "name": "A String", # Output only. Resource name of the FHIR store, of the form 1086 # `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. 1087 "labels": { # User-supplied key-value pairs used to organize FHIR stores. 1088 # 1089 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 1090 # of maximum 128 bytes, and must conform to the 1091 # following PCRE regular expression: 1092 # \p{Ll}\p{Lo}{0,62} 1093 # 1094 # Label values are optional, must be between 1 and 63 characters long, have 1095 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 1096 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 1097 # 1098 # No more than 64 labels can be associated with a given store. 1099 "a_key": "A String", 1100 }, 1101 "enableUpdateCreate": True or False, # Whether this FHIR store has the [updateCreate 1102 # capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). 1103 # This determines if the client can use an Update operation to create a new 1104 # resource with a client-specified ID. If false, all IDs are server-assigned 1105 # through the Create operation and attempts to Update a non-existent resource 1106 # will return errors. Please treat the audit logs with appropriate levels of 1107 # care if client-specified resource IDs contain sensitive data such as 1108 # patient identifiers, those IDs will be part of the FHIR resource path 1109 # recorded in Cloud audit logs and Cloud Pub/Sub notifications. 1110 "notificationConfig": { # Specifies where notifications should be sent upon changes to a data store. # If non-empty, publish all resource modifications of this FHIR store to 1111 # this destination. The Cloud Pub/Sub message attributes will contain a map 1112 # with a string describing the action that has triggered the notification, 1113 # e.g. "action":"CreateResource". 1114 "pubsubTopic": "A String", # The [Cloud Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that 1115 # notifications of changes are published on. Supplied by the client. 1116 # PubsubMessage.Data will contain the resource name. 1117 # PubsubMessage.MessageId is the ID of this message. It is guaranteed to be 1118 # unique within the topic. 1119 # PubsubMessage.PublishTime is the time at which the message was published. 1120 # Notifications are only sent if the topic is 1121 # non-empty. [Topic 1122 # names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped 1123 # to a project. cloud-healthcare@system.gserviceaccount.com must have 1124 # publisher permissions on the given Cloud Pub/Sub topic. Not having adequate 1125 # permissions will cause the calls that send notifications to fail. 1126 }, 1127 "streamConfigs": [ # A list of streaming configs that configure the destinations of streaming 1128 # export for every resource mutation in this FHIR store. Each store is 1129 # allowed to have up to 10 streaming configs. 1130 # After a new config is added, the next resource mutation will be streamed to 1131 # the new location in addition to the existing ones. 1132 # When a location is removed from the list, the server will simply stop 1133 # streaming to that location. Before adding a new config, you must add the 1134 # required 1135 # [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) 1136 # role to your project's **Cloud Healthcare Service Agent** 1137 # [service account](https://cloud.google.com/iam/docs/service-accounts). 1138 # Some lag (typically on the order of dozens of seconds) is expected before 1139 # the results show up in the streaming destination. 1140 { # This structure contains configuration for streaming FHIR export. 1141 "bigqueryDestination": { # The configuration for exporting to BigQuery. # The destination BigQuery structure that contains both the dataset 1142 # location and corresponding schema config. 1143 # The output will be organized in one table per resource type. 1144 # The server will inspect and potentially create new tables (if they 1145 # don't exist) in the given BigQuery dataset. 1146 # Results will be appended to the corresponding BigQuery tables. 1147 # The views of the latest snapshot will also be automatically created in 1148 # the dataset. 1149 "datasetUri": "A String", # BigQuery URI to a dataset, up to 2000 characters long, in the format 1150 # `bq://projectId.bqDatasetId` 1151 "schemaConfig": { # Configuration for the FHIR BigQuery and Cloud Storage schema. Determines # The configuration for the exported BigQuery schema. 1152 # how the server generates the schema. 1153 "schemaType": "A String", # Specifies the output schema type. If unspecified, the default is 1154 # `LOSSLESS`. 1155 "recursiveStructureDepth": "A String", # The depth for all recursive structures in the output analytics 1156 # schema. For example, `concept` in the CodeSystem resource is a recursive 1157 # structure; when the depth is 2, the CodeSystem table will have a column 1158 # called `concept.concept` but not `concept.concept.concept`. If not 1159 # specified or set to 0, the server will use the default value 2. 1160 }, 1161 }, 1162 "resourceTypes": [ # Supply a FHIR resource type (such as "Patient" or "Observation"). 1163 # See https://www.hl7.org/fhir/valueset-resource-types.html for a list of 1164 # all FHIR resource types. 1165 # The server will treat an empty list as an intent to stream all the 1166 # supported resource types in this FHIR store. 1167 "A String", 1168 ], 1169 }, 1170 ], 1171 "disableReferentialIntegrity": True or False, # Whether to disable referential integrity in this FHIR store. This field is 1172 # immutable after FHIR store creation. 1173 # The default value is false, meaning that the API will enforce referential 1174 # integrity and fail the requests that will result in inconsistent state in 1175 # the FHIR store. 1176 # When this field is set to true, the API will skip referential integrity 1177 # check. Consequently, operations that rely on references, such as 1178 # GetPatientEverything, will not return all the results if broken references 1179 # exist. 1180 "disableResourceVersioning": True or False, # Whether to disable resource versioning for this FHIR store. This field can 1181 # not be changed after the creation of FHIR store. 1182 # If set to false, which is the default behavior, all write operations will 1183 # cause historical versions to be recorded automatically. The historical 1184 # versions can be fetched through the history APIs, but cannot be updated. 1185 # If set to true, no historical versions will be kept. The server will send 1186 # back errors for attempts to read the historical versions. 1187 }, 1188 ], 1189 }</pre> 1190</div> 1191 1192<div class="method"> 1193 <code class="details" id="list_next">list_next(previous_request, previous_response)</code> 1194 <pre>Retrieves the next page of results. 1195 1196Args: 1197 previous_request: The request for the previous page. (required) 1198 previous_response: The response from the request for the previous page. (required) 1199 1200Returns: 1201 A request object that you can call 'execute()' on to request the next 1202 page. Returns None if there are no more items in the collection. 1203 </pre> 1204</div> 1205 1206<div class="method"> 1207 <code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code> 1208 <pre>Updates the configuration of the specified FHIR store. 1209 1210Args: 1211 name: string, Output only. Resource name of the FHIR store, of the form 1212`projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. (required) 1213 body: object, The request body. (required) 1214 The object takes the form of: 1215 1216{ # Represents a FHIR store. 1217 "enableHistoryImport": True or False, # Whether to allow the bulk import API to accept history bundles and directly 1218 # insert historical resource versions into the FHIR store. Importing resource 1219 # histories creates resource interactions that appear to have occurred in the 1220 # past, which clients may not want to allow. If set to false, history bundles 1221 # within an import will fail with an error. 1222 "name": "A String", # Output only. Resource name of the FHIR store, of the form 1223 # `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. 1224 "labels": { # User-supplied key-value pairs used to organize FHIR stores. 1225 # 1226 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 1227 # of maximum 128 bytes, and must conform to the 1228 # following PCRE regular expression: 1229 # \p{Ll}\p{Lo}{0,62} 1230 # 1231 # Label values are optional, must be between 1 and 63 characters long, have 1232 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 1233 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 1234 # 1235 # No more than 64 labels can be associated with a given store. 1236 "a_key": "A String", 1237 }, 1238 "enableUpdateCreate": True or False, # Whether this FHIR store has the [updateCreate 1239 # capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). 1240 # This determines if the client can use an Update operation to create a new 1241 # resource with a client-specified ID. If false, all IDs are server-assigned 1242 # through the Create operation and attempts to Update a non-existent resource 1243 # will return errors. Please treat the audit logs with appropriate levels of 1244 # care if client-specified resource IDs contain sensitive data such as 1245 # patient identifiers, those IDs will be part of the FHIR resource path 1246 # recorded in Cloud audit logs and Cloud Pub/Sub notifications. 1247 "notificationConfig": { # Specifies where notifications should be sent upon changes to a data store. # If non-empty, publish all resource modifications of this FHIR store to 1248 # this destination. The Cloud Pub/Sub message attributes will contain a map 1249 # with a string describing the action that has triggered the notification, 1250 # e.g. "action":"CreateResource". 1251 "pubsubTopic": "A String", # The [Cloud Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that 1252 # notifications of changes are published on. Supplied by the client. 1253 # PubsubMessage.Data will contain the resource name. 1254 # PubsubMessage.MessageId is the ID of this message. It is guaranteed to be 1255 # unique within the topic. 1256 # PubsubMessage.PublishTime is the time at which the message was published. 1257 # Notifications are only sent if the topic is 1258 # non-empty. [Topic 1259 # names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped 1260 # to a project. cloud-healthcare@system.gserviceaccount.com must have 1261 # publisher permissions on the given Cloud Pub/Sub topic. Not having adequate 1262 # permissions will cause the calls that send notifications to fail. 1263 }, 1264 "streamConfigs": [ # A list of streaming configs that configure the destinations of streaming 1265 # export for every resource mutation in this FHIR store. Each store is 1266 # allowed to have up to 10 streaming configs. 1267 # After a new config is added, the next resource mutation will be streamed to 1268 # the new location in addition to the existing ones. 1269 # When a location is removed from the list, the server will simply stop 1270 # streaming to that location. Before adding a new config, you must add the 1271 # required 1272 # [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) 1273 # role to your project's **Cloud Healthcare Service Agent** 1274 # [service account](https://cloud.google.com/iam/docs/service-accounts). 1275 # Some lag (typically on the order of dozens of seconds) is expected before 1276 # the results show up in the streaming destination. 1277 { # This structure contains configuration for streaming FHIR export. 1278 "bigqueryDestination": { # The configuration for exporting to BigQuery. # The destination BigQuery structure that contains both the dataset 1279 # location and corresponding schema config. 1280 # The output will be organized in one table per resource type. 1281 # The server will inspect and potentially create new tables (if they 1282 # don't exist) in the given BigQuery dataset. 1283 # Results will be appended to the corresponding BigQuery tables. 1284 # The views of the latest snapshot will also be automatically created in 1285 # the dataset. 1286 "datasetUri": "A String", # BigQuery URI to a dataset, up to 2000 characters long, in the format 1287 # `bq://projectId.bqDatasetId` 1288 "schemaConfig": { # Configuration for the FHIR BigQuery and Cloud Storage schema. Determines # The configuration for the exported BigQuery schema. 1289 # how the server generates the schema. 1290 "schemaType": "A String", # Specifies the output schema type. If unspecified, the default is 1291 # `LOSSLESS`. 1292 "recursiveStructureDepth": "A String", # The depth for all recursive structures in the output analytics 1293 # schema. For example, `concept` in the CodeSystem resource is a recursive 1294 # structure; when the depth is 2, the CodeSystem table will have a column 1295 # called `concept.concept` but not `concept.concept.concept`. If not 1296 # specified or set to 0, the server will use the default value 2. 1297 }, 1298 }, 1299 "resourceTypes": [ # Supply a FHIR resource type (such as "Patient" or "Observation"). 1300 # See https://www.hl7.org/fhir/valueset-resource-types.html for a list of 1301 # all FHIR resource types. 1302 # The server will treat an empty list as an intent to stream all the 1303 # supported resource types in this FHIR store. 1304 "A String", 1305 ], 1306 }, 1307 ], 1308 "disableReferentialIntegrity": True or False, # Whether to disable referential integrity in this FHIR store. This field is 1309 # immutable after FHIR store creation. 1310 # The default value is false, meaning that the API will enforce referential 1311 # integrity and fail the requests that will result in inconsistent state in 1312 # the FHIR store. 1313 # When this field is set to true, the API will skip referential integrity 1314 # check. Consequently, operations that rely on references, such as 1315 # GetPatientEverything, will not return all the results if broken references 1316 # exist. 1317 "disableResourceVersioning": True or False, # Whether to disable resource versioning for this FHIR store. This field can 1318 # not be changed after the creation of FHIR store. 1319 # If set to false, which is the default behavior, all write operations will 1320 # cause historical versions to be recorded automatically. The historical 1321 # versions can be fetched through the history APIs, but cannot be updated. 1322 # If set to true, no historical versions will be kept. The server will send 1323 # back errors for attempts to read the historical versions. 1324} 1325 1326 updateMask: string, The update mask applies to the resource. For the `FieldMask` definition, 1327see 1328https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask 1329 x__xgafv: string, V1 error format. 1330 Allowed values 1331 1 - v1 error format 1332 2 - v2 error format 1333 1334Returns: 1335 An object of the form: 1336 1337 { # Represents a FHIR store. 1338 "enableHistoryImport": True or False, # Whether to allow the bulk import API to accept history bundles and directly 1339 # insert historical resource versions into the FHIR store. Importing resource 1340 # histories creates resource interactions that appear to have occurred in the 1341 # past, which clients may not want to allow. If set to false, history bundles 1342 # within an import will fail with an error. 1343 "name": "A String", # Output only. Resource name of the FHIR store, of the form 1344 # `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. 1345 "labels": { # User-supplied key-value pairs used to organize FHIR stores. 1346 # 1347 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 1348 # of maximum 128 bytes, and must conform to the 1349 # following PCRE regular expression: 1350 # \p{Ll}\p{Lo}{0,62} 1351 # 1352 # Label values are optional, must be between 1 and 63 characters long, have 1353 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 1354 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 1355 # 1356 # No more than 64 labels can be associated with a given store. 1357 "a_key": "A String", 1358 }, 1359 "enableUpdateCreate": True or False, # Whether this FHIR store has the [updateCreate 1360 # capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). 1361 # This determines if the client can use an Update operation to create a new 1362 # resource with a client-specified ID. If false, all IDs are server-assigned 1363 # through the Create operation and attempts to Update a non-existent resource 1364 # will return errors. Please treat the audit logs with appropriate levels of 1365 # care if client-specified resource IDs contain sensitive data such as 1366 # patient identifiers, those IDs will be part of the FHIR resource path 1367 # recorded in Cloud audit logs and Cloud Pub/Sub notifications. 1368 "notificationConfig": { # Specifies where notifications should be sent upon changes to a data store. # If non-empty, publish all resource modifications of this FHIR store to 1369 # this destination. The Cloud Pub/Sub message attributes will contain a map 1370 # with a string describing the action that has triggered the notification, 1371 # e.g. "action":"CreateResource". 1372 "pubsubTopic": "A String", # The [Cloud Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that 1373 # notifications of changes are published on. Supplied by the client. 1374 # PubsubMessage.Data will contain the resource name. 1375 # PubsubMessage.MessageId is the ID of this message. It is guaranteed to be 1376 # unique within the topic. 1377 # PubsubMessage.PublishTime is the time at which the message was published. 1378 # Notifications are only sent if the topic is 1379 # non-empty. [Topic 1380 # names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped 1381 # to a project. cloud-healthcare@system.gserviceaccount.com must have 1382 # publisher permissions on the given Cloud Pub/Sub topic. Not having adequate 1383 # permissions will cause the calls that send notifications to fail. 1384 }, 1385 "streamConfigs": [ # A list of streaming configs that configure the destinations of streaming 1386 # export for every resource mutation in this FHIR store. Each store is 1387 # allowed to have up to 10 streaming configs. 1388 # After a new config is added, the next resource mutation will be streamed to 1389 # the new location in addition to the existing ones. 1390 # When a location is removed from the list, the server will simply stop 1391 # streaming to that location. Before adding a new config, you must add the 1392 # required 1393 # [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) 1394 # role to your project's **Cloud Healthcare Service Agent** 1395 # [service account](https://cloud.google.com/iam/docs/service-accounts). 1396 # Some lag (typically on the order of dozens of seconds) is expected before 1397 # the results show up in the streaming destination. 1398 { # This structure contains configuration for streaming FHIR export. 1399 "bigqueryDestination": { # The configuration for exporting to BigQuery. # The destination BigQuery structure that contains both the dataset 1400 # location and corresponding schema config. 1401 # The output will be organized in one table per resource type. 1402 # The server will inspect and potentially create new tables (if they 1403 # don't exist) in the given BigQuery dataset. 1404 # Results will be appended to the corresponding BigQuery tables. 1405 # The views of the latest snapshot will also be automatically created in 1406 # the dataset. 1407 "datasetUri": "A String", # BigQuery URI to a dataset, up to 2000 characters long, in the format 1408 # `bq://projectId.bqDatasetId` 1409 "schemaConfig": { # Configuration for the FHIR BigQuery and Cloud Storage schema. Determines # The configuration for the exported BigQuery schema. 1410 # how the server generates the schema. 1411 "schemaType": "A String", # Specifies the output schema type. If unspecified, the default is 1412 # `LOSSLESS`. 1413 "recursiveStructureDepth": "A String", # The depth for all recursive structures in the output analytics 1414 # schema. For example, `concept` in the CodeSystem resource is a recursive 1415 # structure; when the depth is 2, the CodeSystem table will have a column 1416 # called `concept.concept` but not `concept.concept.concept`. If not 1417 # specified or set to 0, the server will use the default value 2. 1418 }, 1419 }, 1420 "resourceTypes": [ # Supply a FHIR resource type (such as "Patient" or "Observation"). 1421 # See https://www.hl7.org/fhir/valueset-resource-types.html for a list of 1422 # all FHIR resource types. 1423 # The server will treat an empty list as an intent to stream all the 1424 # supported resource types in this FHIR store. 1425 "A String", 1426 ], 1427 }, 1428 ], 1429 "disableReferentialIntegrity": True or False, # Whether to disable referential integrity in this FHIR store. This field is 1430 # immutable after FHIR store creation. 1431 # The default value is false, meaning that the API will enforce referential 1432 # integrity and fail the requests that will result in inconsistent state in 1433 # the FHIR store. 1434 # When this field is set to true, the API will skip referential integrity 1435 # check. Consequently, operations that rely on references, such as 1436 # GetPatientEverything, will not return all the results if broken references 1437 # exist. 1438 "disableResourceVersioning": True or False, # Whether to disable resource versioning for this FHIR store. This field can 1439 # not be changed after the creation of FHIR store. 1440 # If set to false, which is the default behavior, all write operations will 1441 # cause historical versions to be recorded automatically. The historical 1442 # versions can be fetched through the history APIs, but cannot be updated. 1443 # If set to true, no historical versions will be kept. The server will send 1444 # back errors for attempts to read the historical versions. 1445 }</pre> 1446</div> 1447 1448<div class="method"> 1449 <code class="details" id="setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</code> 1450 <pre>Sets the access control policy for a FHIR store or security label within a 1451FHIR store. Replaces any existing policy. 1452 1453Authorization requires the Google IAM permission 1454'healthcare.fhirStores.setIamPolicy' for a FHIR store or 1455'healthcare.securityLabels.setIamPolicy' for a security label 1456 1457Args: 1458 resource: string, REQUIRED: The resource for which the policy is being specified. 1459See the operation documentation for the appropriate value for this field. (required) 1460 body: object, The request body. (required) 1461 The object takes the form of: 1462 1463{ # Request message for `SetIamPolicy` method. 1464 "policy": { # Defines an Identity and Access Management (IAM) policy. It is used to # REQUIRED: The complete policy to be applied to the `resource`. The size of 1465 # the policy is limited to a few 10s of KB. An empty policy is a 1466 # valid policy but certain Cloud Platform services (such as Projects) 1467 # might reject them. 1468 # specify access control policies for Cloud Platform resources. 1469 # 1470 # 1471 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 1472 # `members` to a `role`, where the members can be user accounts, Google groups, 1473 # Google domains, and service accounts. A `role` is a named list of permissions 1474 # defined by IAM. 1475 # 1476 # **JSON Example** 1477 # 1478 # { 1479 # "bindings": [ 1480 # { 1481 # "role": "roles/owner", 1482 # "members": [ 1483 # "user:mike@example.com", 1484 # "group:admins@example.com", 1485 # "domain:google.com", 1486 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 1487 # ] 1488 # }, 1489 # { 1490 # "role": "roles/viewer", 1491 # "members": ["user:sean@example.com"] 1492 # } 1493 # ] 1494 # } 1495 # 1496 # **YAML Example** 1497 # 1498 # bindings: 1499 # - members: 1500 # - user:mike@example.com 1501 # - group:admins@example.com 1502 # - domain:google.com 1503 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 1504 # role: roles/owner 1505 # - members: 1506 # - user:sean@example.com 1507 # role: roles/viewer 1508 # 1509 # 1510 # For a description of IAM and its features, see the 1511 # [IAM developer's guide](https://cloud.google.com/iam/docs). 1512 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 1513 { # Specifies the audit configuration for a service. 1514 # The configuration determines which permission types are logged, and what 1515 # identities, if any, are exempted from logging. 1516 # An AuditConfig must have one or more AuditLogConfigs. 1517 # 1518 # If there are AuditConfigs for both `allServices` and a specific service, 1519 # the union of the two AuditConfigs is used for that service: the log_types 1520 # specified in each AuditConfig are enabled, and the exempted_members in each 1521 # AuditLogConfig are exempted. 1522 # 1523 # Example Policy with multiple AuditConfigs: 1524 # 1525 # { 1526 # "audit_configs": [ 1527 # { 1528 # "service": "allServices" 1529 # "audit_log_configs": [ 1530 # { 1531 # "log_type": "DATA_READ", 1532 # "exempted_members": [ 1533 # "user:foo@gmail.com" 1534 # ] 1535 # }, 1536 # { 1537 # "log_type": "DATA_WRITE", 1538 # }, 1539 # { 1540 # "log_type": "ADMIN_READ", 1541 # } 1542 # ] 1543 # }, 1544 # { 1545 # "service": "fooservice.googleapis.com" 1546 # "audit_log_configs": [ 1547 # { 1548 # "log_type": "DATA_READ", 1549 # }, 1550 # { 1551 # "log_type": "DATA_WRITE", 1552 # "exempted_members": [ 1553 # "user:bar@gmail.com" 1554 # ] 1555 # } 1556 # ] 1557 # } 1558 # ] 1559 # } 1560 # 1561 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 1562 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 1563 # bar@gmail.com from DATA_WRITE logging. 1564 "auditLogConfigs": [ # The configuration for logging of each type of permission. 1565 { # Provides the configuration for logging a type of permissions. 1566 # Example: 1567 # 1568 # { 1569 # "audit_log_configs": [ 1570 # { 1571 # "log_type": "DATA_READ", 1572 # "exempted_members": [ 1573 # "user:foo@gmail.com" 1574 # ] 1575 # }, 1576 # { 1577 # "log_type": "DATA_WRITE", 1578 # } 1579 # ] 1580 # } 1581 # 1582 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 1583 # foo@gmail.com from DATA_READ logging. 1584 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 1585 # permission. 1586 # Follows the same format of Binding.members. 1587 "A String", 1588 ], 1589 "logType": "A String", # The log type that this config enables. 1590 }, 1591 ], 1592 "service": "A String", # Specifies a service that will be enabled for audit logging. 1593 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 1594 # `allServices` is a special value that covers all services. 1595 }, 1596 ], 1597 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 1598 # prevent simultaneous updates of a policy from overwriting each other. 1599 # It is strongly suggested that systems make use of the `etag` in the 1600 # read-modify-write cycle to perform policy updates in order to avoid race 1601 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 1602 # systems are expected to put that etag in the request to `setIamPolicy` to 1603 # ensure that their change will be applied to the same version of the policy. 1604 # 1605 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 1606 # policy is overwritten blindly. 1607 "bindings": [ # Associates a list of `members` to a `role`. 1608 # `bindings` with no members will result in an error. 1609 { # Associates `members` with a `role`. 1610 "role": "A String", # Role that is assigned to `members`. 1611 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 1612 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 1613 # NOTE: An unsatisfied condition will not allow user access via current 1614 # binding. Different bindings, including their conditions, are examined 1615 # independently. 1616 # 1617 # title: "User account presence" 1618 # description: "Determines whether the request has a user account" 1619 # expression: "size(request.user) > 0" 1620 "description": "A String", # An optional description of the expression. This is a longer text which 1621 # describes the expression, e.g. when hovered over it in a UI. 1622 "expression": "A String", # Textual representation of an expression in 1623 # Common Expression Language syntax. 1624 # 1625 # The application context of the containing message determines which 1626 # well-known feature set of CEL is supported. 1627 "location": "A String", # An optional string indicating the location of the expression for error 1628 # reporting, e.g. a file name and a position in the file. 1629 "title": "A String", # An optional title for the expression, i.e. a short string describing 1630 # its purpose. This can be used e.g. in UIs which allow to enter the 1631 # expression. 1632 }, 1633 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 1634 # `members` can have the following values: 1635 # 1636 # * `allUsers`: A special identifier that represents anyone who is 1637 # on the internet; with or without a Google account. 1638 # 1639 # * `allAuthenticatedUsers`: A special identifier that represents anyone 1640 # who is authenticated with a Google account or a service account. 1641 # 1642 # * `user:{emailid}`: An email address that represents a specific Google 1643 # account. For example, `alice@gmail.com` . 1644 # 1645 # 1646 # * `serviceAccount:{emailid}`: An email address that represents a service 1647 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 1648 # 1649 # * `group:{emailid}`: An email address that represents a Google group. 1650 # For example, `admins@example.com`. 1651 # 1652 # 1653 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 1654 # users of that domain. For example, `google.com` or `example.com`. 1655 # 1656 "A String", 1657 ], 1658 }, 1659 ], 1660 "version": 42, # Deprecated. 1661 }, 1662 "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only 1663 # the fields in the mask will be modified. If no mask is provided, the 1664 # following default mask is used: 1665 # paths: "bindings, etag" 1666 # This field is only used by Cloud IAM. 1667 } 1668 1669 x__xgafv: string, V1 error format. 1670 Allowed values 1671 1 - v1 error format 1672 2 - v2 error format 1673 1674Returns: 1675 An object of the form: 1676 1677 { # Defines an Identity and Access Management (IAM) policy. It is used to 1678 # specify access control policies for Cloud Platform resources. 1679 # 1680 # 1681 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 1682 # `members` to a `role`, where the members can be user accounts, Google groups, 1683 # Google domains, and service accounts. A `role` is a named list of permissions 1684 # defined by IAM. 1685 # 1686 # **JSON Example** 1687 # 1688 # { 1689 # "bindings": [ 1690 # { 1691 # "role": "roles/owner", 1692 # "members": [ 1693 # "user:mike@example.com", 1694 # "group:admins@example.com", 1695 # "domain:google.com", 1696 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 1697 # ] 1698 # }, 1699 # { 1700 # "role": "roles/viewer", 1701 # "members": ["user:sean@example.com"] 1702 # } 1703 # ] 1704 # } 1705 # 1706 # **YAML Example** 1707 # 1708 # bindings: 1709 # - members: 1710 # - user:mike@example.com 1711 # - group:admins@example.com 1712 # - domain:google.com 1713 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 1714 # role: roles/owner 1715 # - members: 1716 # - user:sean@example.com 1717 # role: roles/viewer 1718 # 1719 # 1720 # For a description of IAM and its features, see the 1721 # [IAM developer's guide](https://cloud.google.com/iam/docs). 1722 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 1723 { # Specifies the audit configuration for a service. 1724 # The configuration determines which permission types are logged, and what 1725 # identities, if any, are exempted from logging. 1726 # An AuditConfig must have one or more AuditLogConfigs. 1727 # 1728 # If there are AuditConfigs for both `allServices` and a specific service, 1729 # the union of the two AuditConfigs is used for that service: the log_types 1730 # specified in each AuditConfig are enabled, and the exempted_members in each 1731 # AuditLogConfig are exempted. 1732 # 1733 # Example Policy with multiple AuditConfigs: 1734 # 1735 # { 1736 # "audit_configs": [ 1737 # { 1738 # "service": "allServices" 1739 # "audit_log_configs": [ 1740 # { 1741 # "log_type": "DATA_READ", 1742 # "exempted_members": [ 1743 # "user:foo@gmail.com" 1744 # ] 1745 # }, 1746 # { 1747 # "log_type": "DATA_WRITE", 1748 # }, 1749 # { 1750 # "log_type": "ADMIN_READ", 1751 # } 1752 # ] 1753 # }, 1754 # { 1755 # "service": "fooservice.googleapis.com" 1756 # "audit_log_configs": [ 1757 # { 1758 # "log_type": "DATA_READ", 1759 # }, 1760 # { 1761 # "log_type": "DATA_WRITE", 1762 # "exempted_members": [ 1763 # "user:bar@gmail.com" 1764 # ] 1765 # } 1766 # ] 1767 # } 1768 # ] 1769 # } 1770 # 1771 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 1772 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 1773 # bar@gmail.com from DATA_WRITE logging. 1774 "auditLogConfigs": [ # The configuration for logging of each type of permission. 1775 { # Provides the configuration for logging a type of permissions. 1776 # Example: 1777 # 1778 # { 1779 # "audit_log_configs": [ 1780 # { 1781 # "log_type": "DATA_READ", 1782 # "exempted_members": [ 1783 # "user:foo@gmail.com" 1784 # ] 1785 # }, 1786 # { 1787 # "log_type": "DATA_WRITE", 1788 # } 1789 # ] 1790 # } 1791 # 1792 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 1793 # foo@gmail.com from DATA_READ logging. 1794 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 1795 # permission. 1796 # Follows the same format of Binding.members. 1797 "A String", 1798 ], 1799 "logType": "A String", # The log type that this config enables. 1800 }, 1801 ], 1802 "service": "A String", # Specifies a service that will be enabled for audit logging. 1803 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 1804 # `allServices` is a special value that covers all services. 1805 }, 1806 ], 1807 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 1808 # prevent simultaneous updates of a policy from overwriting each other. 1809 # It is strongly suggested that systems make use of the `etag` in the 1810 # read-modify-write cycle to perform policy updates in order to avoid race 1811 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 1812 # systems are expected to put that etag in the request to `setIamPolicy` to 1813 # ensure that their change will be applied to the same version of the policy. 1814 # 1815 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 1816 # policy is overwritten blindly. 1817 "bindings": [ # Associates a list of `members` to a `role`. 1818 # `bindings` with no members will result in an error. 1819 { # Associates `members` with a `role`. 1820 "role": "A String", # Role that is assigned to `members`. 1821 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 1822 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 1823 # NOTE: An unsatisfied condition will not allow user access via current 1824 # binding. Different bindings, including their conditions, are examined 1825 # independently. 1826 # 1827 # title: "User account presence" 1828 # description: "Determines whether the request has a user account" 1829 # expression: "size(request.user) > 0" 1830 "description": "A String", # An optional description of the expression. This is a longer text which 1831 # describes the expression, e.g. when hovered over it in a UI. 1832 "expression": "A String", # Textual representation of an expression in 1833 # Common Expression Language syntax. 1834 # 1835 # The application context of the containing message determines which 1836 # well-known feature set of CEL is supported. 1837 "location": "A String", # An optional string indicating the location of the expression for error 1838 # reporting, e.g. a file name and a position in the file. 1839 "title": "A String", # An optional title for the expression, i.e. a short string describing 1840 # its purpose. This can be used e.g. in UIs which allow to enter the 1841 # expression. 1842 }, 1843 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 1844 # `members` can have the following values: 1845 # 1846 # * `allUsers`: A special identifier that represents anyone who is 1847 # on the internet; with or without a Google account. 1848 # 1849 # * `allAuthenticatedUsers`: A special identifier that represents anyone 1850 # who is authenticated with a Google account or a service account. 1851 # 1852 # * `user:{emailid}`: An email address that represents a specific Google 1853 # account. For example, `alice@gmail.com` . 1854 # 1855 # 1856 # * `serviceAccount:{emailid}`: An email address that represents a service 1857 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 1858 # 1859 # * `group:{emailid}`: An email address that represents a Google group. 1860 # For example, `admins@example.com`. 1861 # 1862 # 1863 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 1864 # users of that domain. For example, `google.com` or `example.com`. 1865 # 1866 "A String", 1867 ], 1868 }, 1869 ], 1870 "version": 42, # Deprecated. 1871 }</pre> 1872</div> 1873 1874<div class="method"> 1875 <code class="details" id="testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</code> 1876 <pre>Returns permissions that a caller has on the specified resource. If the 1877resource does not exist, this will return an empty set of permissions, not 1878a NOT_FOUND error. 1879 1880There is no permission required to make this API call. 1881 1882Args: 1883 resource: string, REQUIRED: The resource for which the policy detail is being requested. 1884See the operation documentation for the appropriate value for this field. (required) 1885 body: object, The request body. (required) 1886 The object takes the form of: 1887 1888{ # Request message for `TestIamPermissions` method. 1889 "permissions": [ # The set of permissions to check for the `resource`. Permissions with 1890 # wildcards (such as '*' or 'storage.*') are not allowed. For more 1891 # information see 1892 # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). 1893 "A String", 1894 ], 1895 } 1896 1897 x__xgafv: string, V1 error format. 1898 Allowed values 1899 1 - v1 error format 1900 2 - v2 error format 1901 1902Returns: 1903 An object of the form: 1904 1905 { # Response message for `TestIamPermissions` method. 1906 "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is 1907 # allowed. 1908 "A String", 1909 ], 1910 }</pre> 1911</div> 1912 1913</body></html>