privateca/v1beta1/privateca-gen.go - third_party/github.com/googleapis/google-api-go-client - Git at Google

 // Copyright 2021 Google LLC.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 // Code generated file. DO NOT EDIT.

 // Package privateca provides access to the Certificate Authority API.
 //
 // For product documentation, see: https://cloud.google.com/
 //
 // Creating a client
 //
 // Usage example:
 //
 //   import "google.golang.org/api/privateca/v1beta1"
 //   ...
 //   ctx := context.Background()
 //   privatecaService, err := privateca.NewService(ctx)
 //
 // In this example, Google Application Default Credentials are used for authentication.
 //
 // For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
 //
 // Other authentication options
 //
 // To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
 //
 //   privatecaService, err := privateca.NewService(ctx, option.WithAPIKey("AIza..."))
 //
 // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
 //
 //   config := &oauth2.Config{...}
 //   // ...
 //   token, err := config.Exchange(ctx, ...)
 //   privatecaService, err := privateca.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
 //
 // See https://godoc.org/google.golang.org/api/option/ for details on options.
 package privateca // import "google.golang.org/api/privateca/v1beta1"

 import (
 	"bytes"
 	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"

 	googleapi "google.golang.org/api/googleapi"
 	gensupport "google.golang.org/api/internal/gensupport"
 	option "google.golang.org/api/option"
 	internaloption "google.golang.org/api/option/internaloption"
 	htransport "google.golang.org/api/transport/http"
 )

 // Always reference these packages, just in case the auto-generated code
 // below doesn't.
 var _ = bytes.NewBuffer
 var _ = strconv.Itoa
 var _ = fmt.Sprintf
 var _ = json.NewDecoder
 var _ = io.Copy
 var _ = url.Parse
 var _ = gensupport.MarshalJSON
 var _ = googleapi.Version
 var _ = errors.New
 var _ = strings.Replace
 var _ = context.Canceled
 var _ = internaloption.WithDefaultEndpoint

 const apiId = "privateca:v1beta1"
 const apiName = "privateca"
 const apiVersion = "v1beta1"
 const basePath = "https://privateca.googleapis.com/"
 const mtlsBasePath = "https://privateca.mtls.googleapis.com/"

 // OAuth2 scopes used by this API.
 const (
 	// View and manage your data across Google Cloud Platform services
 	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
 )

 // NewService creates a new Service.
 func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
 	scopesOption := option.WithScopes(
 		"https://www.googleapis.com/auth/cloud-platform",
 	)
 	// NOTE: prepend, so we don't override user-specified scopes.
 	opts = append([]option.ClientOption{scopesOption}, opts...)
 	opts = append(opts, internaloption.WithDefaultEndpoint(basePath))
 	opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath))
 	client, endpoint, err := htransport.NewClient(ctx, opts...)
 	if err != nil {
 		return nil, err
 	}
 	s, err := New(client)
 	if err != nil {
 		return nil, err
 	}
 	if endpoint != "" {
 		s.BasePath = endpoint
 	}
 	return s, nil
 }

 // New creates a new Service. It uses the provided http.Client for requests.
 //
 // Deprecated: please use NewService instead.
 // To provide a custom HTTP client, use option.WithHTTPClient.
 // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
 func New(client *http.Client) (*Service, error) {
 	if client == nil {
 		return nil, errors.New("client is nil")
 	}
 	s := &Service{client: client, BasePath: basePath}
 	s.Projects = NewProjectsService(s)
 	return s, nil
 }

 type Service struct {
 	client    *http.Client
 	BasePath  string // API endpoint base URL
 	UserAgent string // optional additional User-Agent fragment

 	Projects *ProjectsService
 }

 func (s *Service) userAgent() string {
 	if s.UserAgent == "" {
 		return googleapi.UserAgent
 	}
 	return googleapi.UserAgent + " " + s.UserAgent
 }

 func NewProjectsService(s *Service) *ProjectsService {
 	rs := &ProjectsService{s: s}
 	rs.Locations = NewProjectsLocationsService(s)
 	return rs
 }

 type ProjectsService struct {
 	s *Service

 	Locations *ProjectsLocationsService
 }

 func NewProjectsLocationsService(s *Service) *ProjectsLocationsService {
 	rs := &ProjectsLocationsService{s: s}
 	rs.CertificateAuthorities = NewProjectsLocationsCertificateAuthoritiesService(s)
 	rs.Operations = NewProjectsLocationsOperationsService(s)
 	rs.ReusableConfigs = NewProjectsLocationsReusableConfigsService(s)
 	return rs
 }

 type ProjectsLocationsService struct {
 	s *Service

 	CertificateAuthorities *ProjectsLocationsCertificateAuthoritiesService

 	Operations *ProjectsLocationsOperationsService

 	ReusableConfigs *ProjectsLocationsReusableConfigsService
 }

 func NewProjectsLocationsCertificateAuthoritiesService(s *Service) *ProjectsLocationsCertificateAuthoritiesService {
 	rs := &ProjectsLocationsCertificateAuthoritiesService{s: s}
 	rs.CertificateRevocationLists = NewProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService(s)
 	rs.Certificates = NewProjectsLocationsCertificateAuthoritiesCertificatesService(s)
 	return rs
 }

 type ProjectsLocationsCertificateAuthoritiesService struct {
 	s *Service

 	CertificateRevocationLists *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService

 	Certificates *ProjectsLocationsCertificateAuthoritiesCertificatesService
 }

 func NewProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService(s *Service) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService {
 	rs := &ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService{s: s}
 	return rs
 }

 type ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService struct {
 	s *Service
 }

 func NewProjectsLocationsCertificateAuthoritiesCertificatesService(s *Service) *ProjectsLocationsCertificateAuthoritiesCertificatesService {
 	rs := &ProjectsLocationsCertificateAuthoritiesCertificatesService{s: s}
 	return rs
 }

 type ProjectsLocationsCertificateAuthoritiesCertificatesService struct {
 	s *Service
 }

 func NewProjectsLocationsOperationsService(s *Service) *ProjectsLocationsOperationsService {
 	rs := &ProjectsLocationsOperationsService{s: s}
 	return rs
 }

 type ProjectsLocationsOperationsService struct {
 	s *Service
 }

 func NewProjectsLocationsReusableConfigsService(s *Service) *ProjectsLocationsReusableConfigsService {
 	rs := &ProjectsLocationsReusableConfigsService{s: s}
 	return rs
 }

 type ProjectsLocationsReusableConfigsService struct {
 	s *Service
 }

 // AccessUrls: URLs where a CertificateAuthority will publish content.
 type AccessUrls struct {
 	// CaCertificateAccessUrl: The URL where this CertificateAuthority's CA
 	// certificate is published. This will only be set for CAs that have
 	// been activated.
 	CaCertificateAccessUrl string `json:"caCertificateAccessUrl,omitempty"`

 	// CrlAccessUrl: The URL where this CertificateAuthority's CRLs are
 	// published. This will only be set for CAs that have been activated.
 	CrlAccessUrl string `json:"crlAccessUrl,omitempty"`

 	// ForceSendFields is a list of field names (e.g.
 	// "CaCertificateAccessUrl") to unconditionally include in API requests.
 	// By default, fields with empty values are omitted from API requests.
 	// However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CaCertificateAccessUrl")
 	// to include in API requests with the JSON null value. By default,
 	// fields with empty values are omitted from API requests. However, any
 	// field with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *AccessUrls) MarshalJSON() ([]byte, error) {
 	type NoMethod AccessUrls
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ActivateCertificateAuthorityRequest: Request message for
 // CertificateAuthorityService.ActivateCertificateAuthority.
 type ActivateCertificateAuthorityRequest struct {
 	// PemCaCertificate: Required. The signed CA certificate issued from
 	// FetchCertificateAuthorityCsrResponse.pem_csr.
 	PemCaCertificate string `json:"pemCaCertificate,omitempty"`

 	// RequestId: Optional. An ID to identify requests. Specify a unique
 	// request ID so that if you must retry your request, the server will
 	// know to ignore the request if it has already been completed. The
 	// server will guarantee that for at least 60 minutes since the first
 	// request. For example, consider a situation where you make an initial
 	// request and t he request times out. If you make the request again
 	// with the same request ID, the server can check if original operation
 	// with the same request ID was received, and if so, will ignore the
 	// second request. This prevents clients from accidentally creating
 	// duplicate commitments. The request ID must be a valid UUID with the
 	// exception that zero UUID is not supported
 	// (00000000-0000-0000-0000-000000000000).
 	RequestId string `json:"requestId,omitempty"`

 	// SubordinateConfig: Required. Must include information about the
 	// issuer of 'pem_ca_certificate', and any further issuers until the
 	// self-signed CA.
 	SubordinateConfig *SubordinateConfig `json:"subordinateConfig,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "PemCaCertificate") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "PemCaCertificate") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *ActivateCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod ActivateCertificateAuthorityRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 type AllowedConfigList struct {
 	// AllowedConfigValues: Required. All Certificates issued by the
 	// CertificateAuthority must match at least one listed
 	// ReusableConfigWrapper. If a ReusableConfigWrapper has an empty field,
 	// any value will be allowed for that field.
 	AllowedConfigValues []*ReusableConfigWrapper `json:"allowedConfigValues,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "AllowedConfigValues")
 	// to unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AllowedConfigValues") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *AllowedConfigList) MarshalJSON() ([]byte, error) {
 	type NoMethod AllowedConfigList
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // AllowedSubjectAltNames: AllowedSubjectAltNames specifies the allowed
 // values for SubjectAltNames by the CertificateAuthority when issuing
 // Certificates.
 type AllowedSubjectAltNames struct {
 	// AllowCustomSans: Optional. Specifies if to allow custom X509Extension
 	// values.
 	AllowCustomSans bool `json:"allowCustomSans,omitempty"`

 	// AllowGlobbingDnsWildcards: Optional. Specifies if glob patterns used
 	// for allowed_dns_names allow wildcard certificates. If this is set,
 	// certificate requests with wildcard domains will be permitted to match
 	// a glob pattern specified in allowed_dns_names. Otherwise, certificate
 	// requests with wildcard domains will be permitted only if
 	// allowed_dns_names contains a literal wildcard.
 	AllowGlobbingDnsWildcards bool `json:"allowGlobbingDnsWildcards,omitempty"`

 	// AllowedDnsNames: Optional. Contains valid, fully-qualified host
 	// names. Glob patterns are also supported. To allow an explicit
 	// wildcard certificate, escape with backlash (i.e. "\*"). E.g. for
 	// globbed entries: '*bar.com' will allow 'foo.bar.com', but not
 	// '*.bar.com', unless the allow_globbing_dns_wildcards field is set.
 	// E.g. for wildcard entries: '\*.bar.com' will allow '*.bar.com', but
 	// not 'foo.bar.com'.
 	AllowedDnsNames []string `json:"allowedDnsNames,omitempty"`

 	// AllowedEmailAddresses: Optional. Contains valid RFC 2822 E-mail
 	// addresses. Glob patterns are also supported.
 	AllowedEmailAddresses []string `json:"allowedEmailAddresses,omitempty"`

 	// AllowedIps: Optional. Contains valid 32-bit IPv4 addresses and subnet
 	// ranges or RFC 4291 IPv6 addresses and subnet ranges. Subnet ranges
 	// are specified using the '/' notation (e.g. 10.0.0.0/8,
 	// 2001:700:300:1800::/64). Glob patterns are supported only for ip
 	// address entries (i.e. not for subnet ranges).
 	AllowedIps []string `json:"allowedIps,omitempty"`

 	// AllowedUris: Optional. Contains valid RFC 3986 URIs. Glob patterns
 	// are also supported. To match across path seperators (i.e. '/') use
 	// the double star glob pattern (i.e. '**').
 	AllowedUris []string `json:"allowedUris,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "AllowCustomSans") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AllowCustomSans") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *AllowedSubjectAltNames) MarshalJSON() ([]byte, error) {
 	type NoMethod AllowedSubjectAltNames
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // AuditConfig: Specifies the audit configuration for a service. The
 // configuration determines which permission types are logged, and what
 // identities, if any, are exempted from logging. An AuditConfig must
 // have one or more AuditLogConfigs. If there are AuditConfigs for both
 // `allServices` and a specific service, the union of the two
 // AuditConfigs is used for that service: the log_types specified in
 // each AuditConfig are enabled, and the exempted_members in each
 // AuditLogConfig are exempted. Example Policy with multiple
 // AuditConfigs: { "audit_configs": [ { "service": "allServices",
 // "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members":
 // [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, {
 // "log_type": "ADMIN_READ" } ] }, { "service":
 // "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type":
 // "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [
 // "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy
 // enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts
 // jose@example.com from DATA_READ logging, and aliya@example.com from
 // DATA_WRITE logging.
 type AuditConfig struct {
 	// AuditLogConfigs: The configuration for logging of each type of
 	// permission.
 	AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"`

 	// Service: Specifies a service that will be enabled for audit logging.
 	// For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
 	// `allServices` is a special value that covers all services.
 	Service string `json:"service,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AuditLogConfigs") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *AuditConfig) MarshalJSON() ([]byte, error) {
 	type NoMethod AuditConfig
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // AuditLogConfig: Provides the configuration for logging a type of
 // permissions. Example: { "audit_log_configs": [ { "log_type":
 // "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, {
 // "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and
 // 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ
 // logging.
 type AuditLogConfig struct {
 	// ExemptedMembers: Specifies the identities that do not cause logging
 	// for this type of permission. Follows the same format of
 	// Binding.members.
 	ExemptedMembers []string `json:"exemptedMembers,omitempty"`

 	// LogType: The log type that this config enables.
 	//
 	// Possible values:
 	//   "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this.
 	//   "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy
 	//   "DATA_WRITE" - Data writes. Example: CloudSQL Users create
 	//   "DATA_READ" - Data reads. Example: CloudSQL Users list
 	LogType string `json:"logType,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ExemptedMembers") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ExemptedMembers") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *AuditLogConfig) MarshalJSON() ([]byte, error) {
 	type NoMethod AuditLogConfig
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // BillingView: Message for reporting billing requests through
 // Eventstream.
 type BillingView struct {
 	// ReportRequests: Billing requests to be reported for
 	// cloud.eventstream.v2.ResourceEvent Each request contains billing
 	// operations to be reported under a service name. See
 	// go/billing-view-construction for documentation on constructing
 	// billing view report requests.
 	ReportRequests []*GoogleApiServicecontrolV1ReportRequest `json:"reportRequests,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ReportRequests") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ReportRequests") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *BillingView) MarshalJSON() ([]byte, error) {
 	type NoMethod BillingView
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Binding: Associates `members` with a `role`.
 type Binding struct {
 	// Condition: The condition that is associated with this binding. If the
 	// condition evaluates to `true`, then this binding applies to the
 	// current request. If the condition evaluates to `false`, then this
 	// binding does not apply to the current request. However, a different
 	// role binding might grant the same role to one or more of the members
 	// in this binding. To learn which resources support conditions in their
 	// IAM policies, see the IAM documentation
 	// (https://cloud.google.com/iam/help/conditions/resource-policies).
 	Condition *Expr `json:"condition,omitempty"`

 	// Members: Specifies the identities requesting access for a Cloud
 	// Platform resource. `members` can have the following values: *
 	// `allUsers`: A special identifier that represents anyone who is on the
 	// internet; with or without a Google account. *
 	// `allAuthenticatedUsers`: A special identifier that represents anyone
 	// who is authenticated with a Google account or a service account. *
 	// `user:{emailid}`: An email address that represents a specific Google
 	// account. For example, `alice@example.com` . *
 	// `serviceAccount:{emailid}`: An email address that represents a
 	// service account. For example,
 	// `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An
 	// email address that represents a Google group. For example,
 	// `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An
 	// email address (plus unique identifier) representing a user that has
 	// been recently deleted. For example,
 	// `alice@example.com?uid=123456789012345678901`. If the user is
 	// recovered, this value reverts to `user:{emailid}` and the recovered
 	// user retains the role in the binding. *
 	// `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address
 	// (plus unique identifier) representing a service account that has been
 	// recently deleted. For example,
 	// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
 	// If the service account is undeleted, this value reverts to
 	// `serviceAccount:{emailid}` and the undeleted service account retains
 	// the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`:
 	// An email address (plus unique identifier) representing a Google group
 	// that has been recently deleted. For example,
 	// `admins@example.com?uid=123456789012345678901`. If the group is
 	// recovered, this value reverts to `group:{emailid}` and the recovered
 	// group retains the role in the binding. * `domain:{domain}`: The G
 	// Suite domain (primary) that represents all the users of that domain.
 	// For example, `google.com` or `example.com`.
 	Members []string `json:"members,omitempty"`

 	// Role: Role that is assigned to `members`. For example,
 	// `roles/viewer`, `roles/editor`, or `roles/owner`.
 	Role string `json:"role,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Condition") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Condition") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Binding) MarshalJSON() ([]byte, error) {
 	type NoMethod Binding
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CaOptions: Describes values that are relevant in a CA certificate.
 type CaOptions struct {
 	// IsCa: Optional. Refers to the "CA" X.509 extension, which is a
 	// boolean value. When this value is missing, the extension will be
 	// omitted from the CA certificate.
 	IsCa bool `json:"isCa,omitempty"`

 	// MaxIssuerPathLength: Optional. Refers to the path length restriction
 	// X.509 extension. For a CA certificate, this value describes the depth
 	// of subordinate CA certificates that are allowed. If this value is
 	// less than 0, the request will fail. If this value is missing, the max
 	// path length will be omitted from the CA certificate.
 	MaxIssuerPathLength int64 `json:"maxIssuerPathLength,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "IsCa") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "IsCa") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *CaOptions) MarshalJSON() ([]byte, error) {
 	type NoMethod CaOptions
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CancelOperationRequest: The request message for
 // Operations.CancelOperation.
 type CancelOperationRequest struct {
 }

 // Certificate: A Certificate corresponds to a signed X.509 certificate
 // issued by a CertificateAuthority.
 type Certificate struct {
 	// CertificateDescription: Output only. A structured description of the
 	// issued X.509 certificate.
 	CertificateDescription *CertificateDescription `json:"certificateDescription,omitempty"`

 	// Config: Immutable. A description of the certificate and key that does
 	// not require X.509 or ASN.1.
 	Config *CertificateConfig `json:"config,omitempty"`

 	// CreateTime: Output only. The time at which this Certificate was
 	// created.
 	CreateTime string `json:"createTime,omitempty"`

 	// Labels: Optional. Labels with user-defined metadata.
 	Labels map[string]string `json:"labels,omitempty"`

 	// Lifetime: Required. Immutable. The desired lifetime of a certificate.
 	// Used to create the "not_before_time" and "not_after_time" fields
 	// inside an X.509 certificate. Note that the lifetime may be truncated
 	// if it would extend past the life of any certificate authority in the
 	// issuing chain.
 	Lifetime string `json:"lifetime,omitempty"`

 	// Name: Output only. The resource path for this Certificate in the
 	// format
 	// `projects/*/locations/*/certificateAuthorities/*/certificates/*`.
 	Name string `json:"name,omitempty"`

 	// PemCertificate: Output only. The pem-encoded, signed X.509
 	// certificate.
 	PemCertificate string `json:"pemCertificate,omitempty"`

 	// PemCertificateChain: Output only. The chain that may be used to
 	// verify the X.509 certificate. Expected to be in issuer-to-root order
 	// according to RFC 5246.
 	PemCertificateChain []string `json:"pemCertificateChain,omitempty"`

 	// PemCsr: Immutable. A pem-encoded X.509 certificate signing request
 	// (CSR).
 	PemCsr string `json:"pemCsr,omitempty"`

 	// RevocationDetails: Output only. Details regarding the revocation of
 	// this Certificate. This Certificate is considered revoked if and only
 	// if this field is present.
 	RevocationDetails *RevocationDetails `json:"revocationDetails,omitempty"`

 	// UpdateTime: Output only. The time at which this Certificate was
 	// updated.
 	UpdateTime string `json:"updateTime,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g.
 	// "CertificateDescription") to unconditionally include in API requests.
 	// By default, fields with empty values are omitted from API requests.
 	// However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CertificateDescription")
 	// to include in API requests with the JSON null value. By default,
 	// fields with empty values are omitted from API requests. However, any
 	// field with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *Certificate) MarshalJSON() ([]byte, error) {
 	type NoMethod Certificate
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CertificateAuthority: A CertificateAuthority represents an individual
 // Certificate Authority. A CertificateAuthority can be used to create
 // Certificates.
 type CertificateAuthority struct {
 	// AccessUrls: Output only. URLs for accessing content published by this
 	// CA, such as the CA certificate and CRLs.
 	AccessUrls *AccessUrls `json:"accessUrls,omitempty"`

 	// CaCertificateDescriptions: Output only. A structured description of
 	// this CertificateAuthority's CA certificate and its issuers. Ordered
 	// as self-to-root.
 	CaCertificateDescriptions []*CertificateDescription `json:"caCertificateDescriptions,omitempty"`

 	// CertificatePolicy: Optional. The CertificateAuthorityPolicy to
 	// enforce when issuing Certificates from this CertificateAuthority.
 	CertificatePolicy *CertificateAuthorityPolicy `json:"certificatePolicy,omitempty"`

 	// Config: Required. Immutable. The config used to create a self-signed
 	// X.509 certificate or CSR.
 	Config *CertificateConfig `json:"config,omitempty"`

 	// CreateTime: Output only. The time at which this CertificateAuthority
 	// was created.
 	CreateTime string `json:"createTime,omitempty"`

 	// DeleteTime: Output only. The time at which this CertificateAuthority
 	// will be deleted, if scheduled for deletion.
 	DeleteTime string `json:"deleteTime,omitempty"`

 	// GcsBucket: Immutable. The name of a Cloud Storage bucket where this
 	// CertificateAuthority will publish content, such as the CA certificate
 	// and CRLs. This must be a bucket name, without any prefixes (such as
 	// `gs://`) or suffixes (such as `.googleapis.com`). For example, to use
 	// a bucket named `my-bucket`, you would simply specify `my-bucket`. If
 	// not specified, a managed bucket will be created.
 	GcsBucket string `json:"gcsBucket,omitempty"`

 	// IssuingOptions: Optional. The IssuingOptions to follow when issuing
 	// Certificates from this CertificateAuthority.
 	IssuingOptions *IssuingOptions `json:"issuingOptions,omitempty"`

 	// KeySpec: Required. Immutable. Used when issuing certificates for this
 	// CertificateAuthority. If this CertificateAuthority is a self-signed
 	// CertificateAuthority, this key is also used to sign the self-signed
 	// CA certificate. Otherwise, it is used to sign a CSR.
 	KeySpec *KeyVersionSpec `json:"keySpec,omitempty"`

 	// Labels: Optional. Labels with user-defined metadata.
 	Labels map[string]string `json:"labels,omitempty"`

 	// Lifetime: Required. The desired lifetime of the CA certificate. Used
 	// to create the "not_before_time" and "not_after_time" fields inside an
 	// X.509 certificate.
 	Lifetime string `json:"lifetime,omitempty"`

 	// Name: Output only. The resource name for this CertificateAuthority in
 	// the format `projects/*/locations/*/certificateAuthorities/*`.
 	Name string `json:"name,omitempty"`

 	// PemCaCertificates: Output only. This CertificateAuthority's
 	// certificate chain, including the current CertificateAuthority's
 	// certificate. Ordered such that the root issuer is the final element
 	// (consistent with RFC 5246). For a self-signed CA, this will only list
 	// the current CertificateAuthority's certificate.
 	PemCaCertificates []string `json:"pemCaCertificates,omitempty"`

 	// State: Output only. The State for this CertificateAuthority.
 	//
 	// Possible values:
 	//   "STATE_UNSPECIFIED" - Not specified.
 	//   "ENABLED" - Certificates can be issued from this CA. CRLs will be
 	// generated for this CA.
 	//   "DISABLED" - Certificates cannot be issued from this CA. CRLs will
 	// still be generated.
 	//   "PENDING_ACTIVATION" - Certificates cannot be issued from this CA.
 	// CRLs will not be generated.
 	//   "PENDING_DELETION" - Certificates cannot be issued from this CA.
 	// CRLs will not be generated.
 	State string `json:"state,omitempty"`

 	// SubordinateConfig: Optional. If this is a subordinate
 	// CertificateAuthority, this field will be set with the subordinate
 	// configuration, which describes its issuers. This may be updated, but
 	// this CertificateAuthority must continue to validate.
 	SubordinateConfig *SubordinateConfig `json:"subordinateConfig,omitempty"`

 	// Tier: Required. Immutable. The Tier of this CertificateAuthority.
 	//
 	// Possible values:
 	//   "TIER_UNSPECIFIED" - Not specified.
 	//   "ENTERPRISE" - Enterprise tier.
 	//   "DEVOPS" - DevOps tier.
 	Tier string `json:"tier,omitempty"`

 	// Type: Required. Immutable. The Type of this CertificateAuthority.
 	//
 	// Possible values:
 	//   "TYPE_UNSPECIFIED" - Not specified.
 	//   "SELF_SIGNED" - Self-signed CA.
 	//   "SUBORDINATE" - Subordinate CA. Could be issued by a Private CA
 	// CertificateAuthority or an unmanaged CA.
 	Type string `json:"type,omitempty"`

 	// UpdateTime: Output only. The time at which this CertificateAuthority
 	// was updated.
 	UpdateTime string `json:"updateTime,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "AccessUrls") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AccessUrls") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *CertificateAuthority) MarshalJSON() ([]byte, error) {
 	type NoMethod CertificateAuthority
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CertificateAuthorityPolicy: The issuing policy for a
 // CertificateAuthority. Certificates will not be successfully issued
 // from this CertificateAuthority if they violate the policy.
 type CertificateAuthorityPolicy struct {
 	// AllowedCommonNames: Optional. If any value is specified here, then
 	// all Certificates issued by the CertificateAuthority must match at
 	// least one listed value. If no value is specified, all values will be
 	// allowed for this fied. Glob patterns are also supported.
 	AllowedCommonNames []string `json:"allowedCommonNames,omitempty"`

 	// AllowedConfigList: Optional. All Certificates issued by the
 	// CertificateAuthority must match at least one listed
 	// ReusableConfigWrapper in the list.
 	AllowedConfigList *AllowedConfigList `json:"allowedConfigList,omitempty"`

 	// AllowedIssuanceModes: Optional. If specified, then only methods
 	// allowed in the IssuanceModes may be used to issue Certificates.
 	AllowedIssuanceModes *IssuanceModes `json:"allowedIssuanceModes,omitempty"`

 	// AllowedLocationsAndOrganizations: Optional. If any Subject is
 	// specified here, then all Certificates issued by the
 	// CertificateAuthority must match at least one listed Subject. If a
 	// Subject has an empty field, any value will be allowed for that field.
 	AllowedLocationsAndOrganizations []*Subject `json:"allowedLocationsAndOrganizations,omitempty"`

 	// AllowedSans: Optional. If a AllowedSubjectAltNames is specified here,
 	// then all Certificates issued by the CertificateAuthority must match
 	// AllowedSubjectAltNames. If no value or an empty value is specified,
 	// any value will be allowed for the SubjectAltNames field.
 	AllowedSans *AllowedSubjectAltNames `json:"allowedSans,omitempty"`

 	// MaximumLifetime: Optional. The maximum lifetime allowed by the
 	// CertificateAuthority. Note that if the any part if the issuing chain
 	// expires before a Certificate's requested maximum_lifetime, the
 	// effective lifetime will be explicitly truncated.
 	MaximumLifetime string `json:"maximumLifetime,omitempty"`

 	// OverwriteConfigValues: Optional. All Certificates issued by the
 	// CertificateAuthority will use the provided configuration values,
 	// overwriting any requested configuration values.
 	OverwriteConfigValues *ReusableConfigWrapper `json:"overwriteConfigValues,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "AllowedCommonNames")
 	// to unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AllowedCommonNames") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *CertificateAuthorityPolicy) MarshalJSON() ([]byte, error) {
 	type NoMethod CertificateAuthorityPolicy
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CertificateConfig: A CertificateConfig describes an X.509 certificate
 // or CSR that is to be created, as an alternative to using ASN.1.
 type CertificateConfig struct {
 	// PublicKey: Optional. The public key that corresponds to this config.
 	// This is, for example, used when issuing Certificates, but not when
 	// creating a self-signed CertificateAuthority or CertificateAuthority
 	// CSR.
 	PublicKey *PublicKey `json:"publicKey,omitempty"`

 	// ReusableConfig: Required. Describes how some of the technical fields
 	// in a certificate should be populated.
 	ReusableConfig *ReusableConfigWrapper `json:"reusableConfig,omitempty"`

 	// SubjectConfig: Required. Specifies some of the values in a
 	// certificate that are related to the subject.
 	SubjectConfig *SubjectConfig `json:"subjectConfig,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "PublicKey") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "PublicKey") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *CertificateConfig) MarshalJSON() ([]byte, error) {
 	type NoMethod CertificateConfig
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CertificateDescription: A CertificateDescription describes an X.509
 // certificate or CSR that has been issued, as an alternative to using
 // ASN.1 / X.509.
 type CertificateDescription struct {
 	// AiaIssuingCertificateUrls: Describes lists of issuer CA certificate
 	// URLs that appear in the "Authority Information Access" extension in
 	// the certificate.
 	AiaIssuingCertificateUrls []string `json:"aiaIssuingCertificateUrls,omitempty"`

 	// AuthorityKeyId: Identifies the subject_key_id of the parent
 	// certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
 	AuthorityKeyId *KeyId `json:"authorityKeyId,omitempty"`

 	// CertFingerprint: The hash of the x.509 certificate.
 	CertFingerprint *CertificateFingerprint `json:"certFingerprint,omitempty"`

 	// ConfigValues: Describes some of the technical fields in a
 	// certificate.
 	ConfigValues *ReusableConfigValues `json:"configValues,omitempty"`

 	// CrlDistributionPoints: Describes a list of locations to obtain CRL
 	// information, i.e. the DistributionPoint.fullName described by
 	// https://tools.ietf.org/html/rfc5280#section-4.2.1.13
 	CrlDistributionPoints []string `json:"crlDistributionPoints,omitempty"`

 	// PublicKey: The public key that corresponds to an issued certificate.
 	PublicKey *PublicKey `json:"publicKey,omitempty"`

 	// SubjectDescription: Describes some of the values in a certificate
 	// that are related to the subject and lifetime.
 	SubjectDescription *SubjectDescription `json:"subjectDescription,omitempty"`

 	// SubjectKeyId: Provides a means of identifiying certificates that
 	// contain a particular public key, per
 	// https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
 	SubjectKeyId *KeyId `json:"subjectKeyId,omitempty"`

 	// ForceSendFields is a list of field names (e.g.
 	// "AiaIssuingCertificateUrls") to unconditionally include in API
 	// requests. By default, fields with empty values are omitted from API
 	// requests. However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g.
 	// "AiaIssuingCertificateUrls") to include in API requests with the JSON
 	// null value. By default, fields with empty values are omitted from API
 	// requests. However, any field with an empty value appearing in
 	// NullFields will be sent to the server as null. It is an error if a
 	// field in this list has a non-empty value. This may be used to include
 	// null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *CertificateDescription) MarshalJSON() ([]byte, error) {
 	type NoMethod CertificateDescription
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CertificateFingerprint: A group of fingerprints for the x509
 // certificate.
 type CertificateFingerprint struct {
 	// Sha256Hash: The SHA 256 hash, encoded in hexadecimal, of the DER x509
 	// certificate.
 	Sha256Hash string `json:"sha256Hash,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Sha256Hash") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Sha256Hash") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *CertificateFingerprint) MarshalJSON() ([]byte, error) {
 	type NoMethod CertificateFingerprint
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // CertificateRevocationList: A CertificateRevocationList corresponds to
 // a signed X.509 certificate Revocation List (CRL). A CRL contains the
 // serial numbers of certificates that should no longer be trusted.
 type CertificateRevocationList struct {
 	// AccessUrl: Output only. The location where 'pem_crl' can be accessed.
 	AccessUrl string `json:"accessUrl,omitempty"`

 	// CreateTime: Output only. The time at which this
 	// CertificateRevocationList was created.
 	CreateTime string `json:"createTime,omitempty"`

 	// Labels: Optional. Labels with user-defined metadata.
 	Labels map[string]string `json:"labels,omitempty"`

 	// Name: Output only. The resource path for this
 	// CertificateRevocationList in the format
 	// `projects/*/locations/*/certificateAuthorities/*/
 	// certificateRevocationLists/*`.
 	Name string `json:"name,omitempty"`

 	// PemCrl: Output only. The PEM-encoded X.509 CRL.
 	PemCrl string `json:"pemCrl,omitempty"`

 	// RevokedCertificates: Output only. The revoked serial numbers that
 	// appear in pem_crl.
 	RevokedCertificates []*RevokedCertificate `json:"revokedCertificates,omitempty"`

 	// SequenceNumber: Output only. The CRL sequence number that appears in
 	// pem_crl.
 	SequenceNumber int64 `json:"sequenceNumber,omitempty,string"`

 	// State: Output only. The State for this CertificateRevocationList.
 	//
 	// Possible values:
 	//   "STATE_UNSPECIFIED" - Not specified.
 	//   "ACTIVE" - The CertificateRevocationList is up to date.
 	//   "SUPERSEDED" - The CertificateRevocationList is no longer current.
 	State string `json:"state,omitempty"`

 	// UpdateTime: Output only. The time at which this
 	// CertificateRevocationList was updated.
 	UpdateTime string `json:"updateTime,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "AccessUrl") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AccessUrl") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *CertificateRevocationList) MarshalJSON() ([]byte, error) {
 	type NoMethod CertificateRevocationList
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // DisableCertificateAuthorityRequest: Request message for
 // CertificateAuthorityService.DisableCertificateAuthority.
 type DisableCertificateAuthorityRequest struct {
 	// RequestId: Optional. An ID to identify requests. Specify a unique
 	// request ID so that if you must retry your request, the server will
 	// know to ignore the request if it has already been completed. The
 	// server will guarantee that for at least 60 minutes since the first
 	// request. For example, consider a situation where you make an initial
 	// request and t he request times out. If you make the request again
 	// with the same request ID, the server can check if original operation
 	// with the same request ID was received, and if so, will ignore the
 	// second request. This prevents clients from accidentally creating
 	// duplicate commitments. The request ID must be a valid UUID with the
 	// exception that zero UUID is not supported
 	// (00000000-0000-0000-0000-000000000000).
 	RequestId string `json:"requestId,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "RequestId") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "RequestId") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *DisableCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod DisableCertificateAuthorityRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Empty: A generic empty message that you can re-use to avoid defining
 // duplicated empty messages in your APIs. A typical example is to use
 // it as the request or the response type of an API method. For
 // instance: service Foo { rpc Bar(google.protobuf.Empty) returns
 // (google.protobuf.Empty); } The JSON representation for `Empty` is
 // empty JSON object `{}`.
 type Empty struct {
 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`
 }

 // EnableCertificateAuthorityRequest: Request message for
 // CertificateAuthorityService.EnableCertificateAuthority.
 type EnableCertificateAuthorityRequest struct {
 	// RequestId: Optional. An ID to identify requests. Specify a unique
 	// request ID so that if you must retry your request, the server will
 	// know to ignore the request if it has already been completed. The
 	// server will guarantee that for at least 60 minutes since the first
 	// request. For example, consider a situation where you make an initial
 	// request and t he request times out. If you make the request again
 	// with the same request ID, the server can check if original operation
 	// with the same request ID was received, and if so, will ignore the
 	// second request. This prevents clients from accidentally creating
 	// duplicate commitments. The request ID must be a valid UUID with the
 	// exception that zero UUID is not supported
 	// (00000000-0000-0000-0000-000000000000).
 	RequestId string `json:"requestId,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "RequestId") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "RequestId") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *EnableCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod EnableCertificateAuthorityRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Exemplar: Exemplars are example points that may be used to annotate
 // aggregated distribution values. They are metadata that gives
 // information about a particular value added to a Distribution bucket,
 // such as a trace ID that was active when a value was added. They may
 // contain further information, such as a example values and timestamps,
 // origin, etc.
 type Exemplar struct {
 	// Attachments: Contextual information about the example value. Examples
 	// are: Trace: type.googleapis.com/google.monitoring.v3.SpanContext
 	// Literal string: type.googleapis.com/google.protobuf.StringValue
 	// Labels dropped during aggregation:
 	// type.googleapis.com/google.monitoring.v3.DroppedLabels There may be
 	// only a single attachment of any given message type in a single
 	// exemplar, and this is enforced by the system.
 	Attachments []googleapi.RawMessage `json:"attachments,omitempty"`

 	// Timestamp: The observation (sampling) time of the above value.
 	Timestamp string `json:"timestamp,omitempty"`

 	// Value: Value of the exemplar point. This value determines to which
 	// bucket the exemplar belongs.
 	Value float64 `json:"value,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Attachments") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Attachments") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Exemplar) MarshalJSON() ([]byte, error) {
 	type NoMethod Exemplar
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 func (s *Exemplar) UnmarshalJSON(data []byte) error {
 	type NoMethod Exemplar
 	var s1 struct {
 		Value gensupport.JSONFloat64 `json:"value"`
 		*NoMethod
 	}
 	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
 	s.Value = float64(s1.Value)
 	return nil
 }

 // Expr: Represents a textual expression in the Common Expression
 // Language (CEL) syntax. CEL is a C-like expression language. The
 // syntax and semantics of CEL are documented at
 // https://github.com/google/cel-spec. Example (Comparison): title:
 // "Summary size limit" description: "Determines if a summary is less
 // than 100 chars" expression: "document.summary.size() < 100" Example
 // (Equality): title: "Requestor is owner" description: "Determines if
 // requestor is the document owner" expression: "document.owner ==
 // request.auth.claims.email" Example (Logic): title: "Public documents"
 // description: "Determine whether the document should be publicly
 // visible" expression: "document.type != 'private' && document.type !=
 // 'internal'" Example (Data Manipulation): title: "Notification string"
 // description: "Create a notification string with a timestamp."
 // expression: "'New message received at ' +
 // string(document.create_time)" The exact variables and functions that
 // may be referenced within an expression are determined by the service
 // that evaluates it. See the service documentation for additional
 // information.
 type Expr struct {
 	// Description: Optional. Description of the expression. This is a
 	// longer text which describes the expression, e.g. when hovered over it
 	// in a UI.
 	Description string `json:"description,omitempty"`

 	// Expression: Textual representation of an expression in Common
 	// Expression Language syntax.
 	Expression string `json:"expression,omitempty"`

 	// Location: Optional. String indicating the location of the expression
 	// for error reporting, e.g. a file name and a position in the file.
 	Location string `json:"location,omitempty"`

 	// Title: Optional. Title for the expression, i.e. a short string
 	// describing its purpose. This can be used e.g. in UIs which allow to
 	// enter the expression.
 	Title string `json:"title,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Description") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Description") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Expr) MarshalJSON() ([]byte, error) {
 	type NoMethod Expr
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ExtendedKeyUsageOptions: KeyUsage.ExtendedKeyUsageOptions has fields
 // that correspond to certain common OIDs that could be specified as an
 // extended key usage value.
 type ExtendedKeyUsageOptions struct {
 	// ClientAuth: Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially
 	// described as "TLS WWW client authentication", though regularly used
 	// for non-WWW TLS.
 	ClientAuth bool `json:"clientAuth,omitempty"`

 	// CodeSigning: Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially
 	// described as "Signing of downloadable executable code client
 	// authentication".
 	CodeSigning bool `json:"codeSigning,omitempty"`

 	// EmailProtection: Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially
 	// described as "Email protection".
 	EmailProtection bool `json:"emailProtection,omitempty"`

 	// OcspSigning: Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially
 	// described as "Signing OCSP responses".
 	OcspSigning bool `json:"ocspSigning,omitempty"`

 	// ServerAuth: Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially
 	// described as "TLS WWW server authentication", though regularly used
 	// for non-WWW TLS.
 	ServerAuth bool `json:"serverAuth,omitempty"`

 	// TimeStamping: Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially
 	// described as "Binding the hash of an object to a time".
 	TimeStamping bool `json:"timeStamping,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ClientAuth") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ClientAuth") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ExtendedKeyUsageOptions) MarshalJSON() ([]byte, error) {
 	type NoMethod ExtendedKeyUsageOptions
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // FetchCertificateAuthorityCsrResponse: Response message for
 // CertificateAuthorityService.FetchCertificateAuthorityCsr.
 type FetchCertificateAuthorityCsrResponse struct {
 	// PemCsr: Output only. The PEM-encoded signed certificate signing
 	// request (CSR).
 	PemCsr string `json:"pemCsr,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "PemCsr") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "PemCsr") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *FetchCertificateAuthorityCsrResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod FetchCertificateAuthorityCsrResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1AttributeValue: The allowed types for
 // [VALUE] in a `[KEY]:[VALUE]` attribute.
 type GoogleApiServicecontrolV1AttributeValue struct {
 	// BoolValue: A Boolean value represented by `true` or `false`.
 	BoolValue bool `json:"boolValue,omitempty"`

 	// IntValue: A 64-bit signed integer.
 	IntValue int64 `json:"intValue,omitempty,string"`

 	// StringValue: A string up to 256 bytes long.
 	StringValue *GoogleApiServicecontrolV1TruncatableString `json:"stringValue,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "BoolValue") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "BoolValue") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1AttributeValue) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1AttributeValue
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1Attributes: A set of attributes, each in the
 // format `[KEY]:[VALUE]`.
 type GoogleApiServicecontrolV1Attributes struct {
 	// AttributeMap: The set of attributes. Each attribute's key can be up
 	// to 128 bytes long. The value can be a string up to 256 bytes, a
 	// signed 64-bit integer, or the Boolean values `true` and `false`. For
 	// example: "/instance_id": "my-instance" "/http/user_agent": ""
 	// "/http/request_bytes": 300 "abc.com/myattribute": true
 	AttributeMap map[string]GoogleApiServicecontrolV1AttributeValue `json:"attributeMap,omitempty"`

 	// DroppedAttributesCount: The number of attributes that were discarded.
 	// Attributes can be discarded because their keys are too long or
 	// because there are too many attributes. If this value is 0 then all
 	// attributes are valid.
 	DroppedAttributesCount int64 `json:"droppedAttributesCount,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "AttributeMap") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AttributeMap") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1Attributes) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1Attributes
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1Distribution: Distribution represents a
 // frequency distribution of double-valued sample points. It contains
 // the size of the population of sample points plus additional optional
 // information: - the arithmetic mean of the samples - the minimum and
 // maximum of the samples - the sum-squared-deviation of the samples,
 // used to compute variance - a histogram of the values of the sample
 // points
 type GoogleApiServicecontrolV1Distribution struct {
 	// BucketCounts: The number of samples in each histogram bucket.
 	// `bucket_counts` are optional. If present, they must sum to the
 	// `count` value. The buckets are defined below in `bucket_option`.
 	// There are N buckets. `bucket_counts[0]` is the number of samples in
 	// the underflow bucket. `bucket_counts[1]` to `bucket_counts[N-1]` are
 	// the numbers of samples in each of the finite buckets. And
 	// `bucket_counts[N] is the number of samples in the overflow bucket.
 	// See the comments of `bucket_option` below for more details. Any
 	// suffix of trailing zeros may be omitted.
 	BucketCounts googleapi.Int64s `json:"bucketCounts,omitempty"`

 	// Count: The total number of samples in the distribution. Must be >= 0.
 	Count int64 `json:"count,omitempty,string"`

 	// Exemplars: Example points. Must be in increasing order of `value`
 	// field.
 	Exemplars []*Exemplar `json:"exemplars,omitempty"`

 	// ExplicitBuckets: Buckets with arbitrary user-provided width.
 	ExplicitBuckets *GoogleApiServicecontrolV1ExplicitBuckets `json:"explicitBuckets,omitempty"`

 	// ExponentialBuckets: Buckets with exponentially growing width.
 	ExponentialBuckets *GoogleApiServicecontrolV1ExponentialBuckets `json:"exponentialBuckets,omitempty"`

 	// LinearBuckets: Buckets with constant width.
 	LinearBuckets *GoogleApiServicecontrolV1LinearBuckets `json:"linearBuckets,omitempty"`

 	// Maximum: The maximum of the population of values. Ignored if `count`
 	// is zero.
 	Maximum float64 `json:"maximum,omitempty"`

 	// Mean: The arithmetic mean of the samples in the distribution. If
 	// `count` is zero then this field must be zero.
 	Mean float64 `json:"mean,omitempty"`

 	// Minimum: The minimum of the population of values. Ignored if `count`
 	// is zero.
 	Minimum float64 `json:"minimum,omitempty"`

 	// SumOfSquaredDeviation: The sum of squared deviations from the mean:
 	// Sumi=1..count ((x_i - mean)^2) where each x_i is a sample values. If
 	// `count` is zero then this field must be zero, otherwise validation of
 	// the request fails.
 	SumOfSquaredDeviation float64 `json:"sumOfSquaredDeviation,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "BucketCounts") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "BucketCounts") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1Distribution) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1Distribution
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 func (s *GoogleApiServicecontrolV1Distribution) UnmarshalJSON(data []byte) error {
 	type NoMethod GoogleApiServicecontrolV1Distribution
 	var s1 struct {
 		Maximum               gensupport.JSONFloat64 `json:"maximum"`
 		Mean                  gensupport.JSONFloat64 `json:"mean"`
 		Minimum               gensupport.JSONFloat64 `json:"minimum"`
 		SumOfSquaredDeviation gensupport.JSONFloat64 `json:"sumOfSquaredDeviation"`
 		*NoMethod
 	}
 	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
 	s.Maximum = float64(s1.Maximum)
 	s.Mean = float64(s1.Mean)
 	s.Minimum = float64(s1.Minimum)
 	s.SumOfSquaredDeviation = float64(s1.SumOfSquaredDeviation)
 	return nil
 }

 // GoogleApiServicecontrolV1ExplicitBuckets: Describing buckets with
 // arbitrary user-provided width.
 type GoogleApiServicecontrolV1ExplicitBuckets struct {
 	// Bounds: 'bound' is a list of strictly increasing boundaries between
 	// buckets. Note that a list of length N-1 defines N buckets because of
 	// fenceposting. See comments on `bucket_options` for details. The i'th
 	// finite bucket covers the interval [bound[i-1], bound[i]) where i
 	// ranges from 1 to bound_size() - 1. Note that there are no finite
 	// buckets at all if 'bound' only contains a single element; in that
 	// special case the single bound defines the boundary between the
 	// underflow and overflow buckets. bucket number lower bound upper bound
 	// i == 0 (underflow) -inf bound[i] 0 < i < bound_size() bound[i-1]
 	// bound[i] i == bound_size() (overflow) bound[i-1] +inf
 	Bounds []float64 `json:"bounds,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Bounds") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Bounds") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1ExplicitBuckets) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1ExplicitBuckets
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1ExponentialBuckets: Describing buckets with
 // exponentially growing width.
 type GoogleApiServicecontrolV1ExponentialBuckets struct {
 	// GrowthFactor: The i'th exponential bucket covers the interval [scale
 	// * growth_factor^(i-1), scale * growth_factor^i) where i ranges from 1
 	// to num_finite_buckets inclusive. Must be larger than 1.0.
 	GrowthFactor float64 `json:"growthFactor,omitempty"`

 	// NumFiniteBuckets: The number of finite buckets. With the underflow
 	// and overflow buckets, the total number of buckets is
 	// `num_finite_buckets` + 2. See comments on `bucket_options` for
 	// details.
 	NumFiniteBuckets int64 `json:"numFiniteBuckets,omitempty"`

 	// Scale: The i'th exponential bucket covers the interval [scale *
 	// growth_factor^(i-1), scale * growth_factor^i) where i ranges from 1
 	// to num_finite_buckets inclusive. Must be > 0.
 	Scale float64 `json:"scale,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "GrowthFactor") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "GrowthFactor") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1ExponentialBuckets) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1ExponentialBuckets
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 func (s *GoogleApiServicecontrolV1ExponentialBuckets) UnmarshalJSON(data []byte) error {
 	type NoMethod GoogleApiServicecontrolV1ExponentialBuckets
 	var s1 struct {
 		GrowthFactor gensupport.JSONFloat64 `json:"growthFactor"`
 		Scale        gensupport.JSONFloat64 `json:"scale"`
 		*NoMethod
 	}
 	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
 	s.GrowthFactor = float64(s1.GrowthFactor)
 	s.Scale = float64(s1.Scale)
 	return nil
 }

 // GoogleApiServicecontrolV1HttpRequest: A common proto for logging HTTP
 // requests. Only contains semantics defined by the HTTP specification.
 // Product-specific logging information MUST be defined in a separate
 // message.
 type GoogleApiServicecontrolV1HttpRequest struct {
 	// CacheFillBytes: The number of HTTP response bytes inserted into
 	// cache. Set only when a cache fill was attempted.
 	CacheFillBytes int64 `json:"cacheFillBytes,omitempty,string"`

 	// CacheHit: Whether or not an entity was served from cache (with or
 	// without validation).
 	CacheHit bool `json:"cacheHit,omitempty"`

 	// CacheLookup: Whether or not a cache lookup was attempted.
 	CacheLookup bool `json:"cacheLookup,omitempty"`

 	// CacheValidatedWithOriginServer: Whether or not the response was
 	// validated with the origin server before being served from cache. This
 	// field is only meaningful if `cache_hit` is True.
 	CacheValidatedWithOriginServer bool `json:"cacheValidatedWithOriginServer,omitempty"`

 	// Latency: The request processing latency on the server, from the time
 	// the request was received until the response was sent.
 	Latency string `json:"latency,omitempty"`

 	// Protocol: Protocol used for the request. Examples: "HTTP/1.1",
 	// "HTTP/2", "websocket"
 	Protocol string `json:"protocol,omitempty"`

 	// Referer: The referer URL of the request, as defined in HTTP/1.1
 	// Header Field Definitions
 	// (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html).
 	Referer string `json:"referer,omitempty"`

 	// RemoteIp: The IP address (IPv4 or IPv6) of the client that issued the
 	// HTTP request. Examples: "192.168.1.1",
 	// "FE80::0202:B3FF:FE1E:8329".
 	RemoteIp string `json:"remoteIp,omitempty"`

 	// RequestMethod: The request method. Examples: "GET", "HEAD",
 	// "PUT", "POST".
 	RequestMethod string `json:"requestMethod,omitempty"`

 	// RequestSize: The size of the HTTP request message in bytes, including
 	// the request headers and the request body.
 	RequestSize int64 `json:"requestSize,omitempty,string"`

 	// RequestUrl: The scheme (http, https), the host name, the path, and
 	// the query portion of the URL that was requested. Example:
 	// "http://example.com/some/info?color=red".
 	RequestUrl string `json:"requestUrl,omitempty"`

 	// ResponseSize: The size of the HTTP response message sent back to the
 	// client, in bytes, including the response headers and the response
 	// body.
 	ResponseSize int64 `json:"responseSize,omitempty,string"`

 	// ServerIp: The IP address (IPv4 or IPv6) of the origin server that the
 	// request was sent to.
 	ServerIp string `json:"serverIp,omitempty"`

 	// Status: The response code indicating the status of the response.
 	// Examples: 200, 404.
 	Status int64 `json:"status,omitempty"`

 	// UserAgent: The user agent sent by the client. Example: "Mozilla/4.0
 	// (compatible; MSIE 6.0; Windows 98; Q312461; .NET CLR 1.0.3705)".
 	UserAgent string `json:"userAgent,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "CacheFillBytes") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CacheFillBytes") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1HttpRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1HttpRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1LinearBuckets: Describing buckets with
 // constant width.
 type GoogleApiServicecontrolV1LinearBuckets struct {
 	// NumFiniteBuckets: The number of finite buckets. With the underflow
 	// and overflow buckets, the total number of buckets is
 	// `num_finite_buckets` + 2. See comments on `bucket_options` for
 	// details.
 	NumFiniteBuckets int64 `json:"numFiniteBuckets,omitempty"`

 	// Offset: The i'th linear bucket covers the interval [offset + (i-1) *
 	// width, offset + i * width) where i ranges from 1 to
 	// num_finite_buckets, inclusive.
 	Offset float64 `json:"offset,omitempty"`

 	// Width: The i'th linear bucket covers the interval [offset + (i-1) *
 	// width, offset + i * width) where i ranges from 1 to
 	// num_finite_buckets, inclusive. Must be strictly positive.
 	Width float64 `json:"width,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "NumFiniteBuckets") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "NumFiniteBuckets") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1LinearBuckets) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1LinearBuckets
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 func (s *GoogleApiServicecontrolV1LinearBuckets) UnmarshalJSON(data []byte) error {
 	type NoMethod GoogleApiServicecontrolV1LinearBuckets
 	var s1 struct {
 		Offset gensupport.JSONFloat64 `json:"offset"`
 		Width  gensupport.JSONFloat64 `json:"width"`
 		*NoMethod
 	}
 	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
 	s.Offset = float64(s1.Offset)
 	s.Width = float64(s1.Width)
 	return nil
 }

 // GoogleApiServicecontrolV1LogEntry: An individual log entry.
 type GoogleApiServicecontrolV1LogEntry struct {
 	// HttpRequest: Optional. Information about the HTTP request associated
 	// with this log entry, if applicable.
 	HttpRequest *GoogleApiServicecontrolV1HttpRequest `json:"httpRequest,omitempty"`

 	// InsertId: A unique ID for the log entry used for deduplication. If
 	// omitted, the implementation will generate one based on operation_id.
 	InsertId string `json:"insertId,omitempty"`

 	// Labels: A set of user-defined (key, value) data that provides
 	// additional information about the log entry.
 	Labels map[string]string `json:"labels,omitempty"`

 	// Name: Required. The log to which this log entry belongs. Examples:
 	// "syslog", "book_log".
 	Name string `json:"name,omitempty"`

 	// Operation: Optional. Information about an operation associated with
 	// the log entry, if applicable.
 	Operation *GoogleApiServicecontrolV1LogEntryOperation `json:"operation,omitempty"`

 	// ProtoPayload: The log entry payload, represented as a protocol buffer
 	// that is expressed as a JSON object. The only accepted type currently
 	// is AuditLog.
 	ProtoPayload googleapi.RawMessage `json:"protoPayload,omitempty"`

 	// Severity: The severity of the log entry. The default value is
 	// `LogSeverity.DEFAULT`.
 	//
 	// Possible values:
 	//   "DEFAULT" - (0) The log entry has no assigned severity level.
 	//   "DEBUG" - (100) Debug or trace information.
 	//   "INFO" - (200) Routine information, such as ongoing status or
 	// performance.
 	//   "NOTICE" - (300) Normal but significant events, such as start up,
 	// shut down, or a configuration change.
 	//   "WARNING" - (400) Warning events might cause problems.
 	//   "ERROR" - (500) Error events are likely to cause problems.
 	//   "CRITICAL" - (600) Critical events cause more severe problems or
 	// outages.
 	//   "ALERT" - (700) A person must take an action immediately.
 	//   "EMERGENCY" - (800) One or more systems are unusable.
 	Severity string `json:"severity,omitempty"`

 	// SourceLocation: Optional. Source code location information associated
 	// with the log entry, if any.
 	SourceLocation *GoogleApiServicecontrolV1LogEntrySourceLocation `json:"sourceLocation,omitempty"`

 	// StructPayload: The log entry payload, represented as a structure that
 	// is expressed as a JSON object.
 	StructPayload googleapi.RawMessage `json:"structPayload,omitempty"`

 	// TextPayload: The log entry payload, represented as a Unicode string
 	// (UTF-8).
 	TextPayload string `json:"textPayload,omitempty"`

 	// Timestamp: The time the event described by the log entry occurred. If
 	// omitted, defaults to operation start time.
 	Timestamp string `json:"timestamp,omitempty"`

 	// Trace: Optional. Resource name of the trace associated with the log
 	// entry, if any. If this field contains a relative resource name, you
 	// can assume the name is relative to `//tracing.googleapis.com`.
 	// Example:
 	// `projects/my-projectid/traces/06796866738c859f2f19b7cfb3214824`
 	Trace string `json:"trace,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "HttpRequest") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "HttpRequest") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1LogEntry) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1LogEntry
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1LogEntryOperation: Additional information
 // about a potentially long-running operation with which a log entry is
 // associated.
 type GoogleApiServicecontrolV1LogEntryOperation struct {
 	// First: Optional. Set this to True if this is the first log entry in
 	// the operation.
 	First bool `json:"first,omitempty"`

 	// Id: Optional. An arbitrary operation identifier. Log entries with the
 	// same identifier are assumed to be part of the same operation.
 	Id string `json:"id,omitempty"`

 	// Last: Optional. Set this to True if this is the last log entry in the
 	// operation.
 	Last bool `json:"last,omitempty"`

 	// Producer: Optional. An arbitrary producer identifier. The combination
 	// of `id` and `producer` must be globally unique. Examples for
 	// `producer`: "MyDivision.MyBigCompany.com",
 	// "github.com/MyProject/MyApplication".
 	Producer string `json:"producer,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "First") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "First") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1LogEntryOperation) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1LogEntryOperation
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1LogEntrySourceLocation: Additional
 // information about the source code location that produced the log
 // entry.
 type GoogleApiServicecontrolV1LogEntrySourceLocation struct {
 	// File: Optional. Source file name. Depending on the runtime
 	// environment, this might be a simple name or a fully-qualified name.
 	File string `json:"file,omitempty"`

 	// Function: Optional. Human-readable name of the function or method
 	// being invoked, with optional context such as the class or package
 	// name. This information may be used in contexts such as the logs
 	// viewer, where a file and line number are less meaningful. The format
 	// can vary by language. For example: `qual.if.ied.Class.method` (Java),
 	// `dir/package.func` (Go), `function` (Python).
 	Function string `json:"function,omitempty"`

 	// Line: Optional. Line within the source file. 1-based; 0 indicates no
 	// line number available.
 	Line int64 `json:"line,omitempty,string"`

 	// ForceSendFields is a list of field names (e.g. "File") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "File") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1LogEntrySourceLocation) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1LogEntrySourceLocation
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1MetricValue: Represents a single metric
 // value.
 type GoogleApiServicecontrolV1MetricValue struct {
 	// BoolValue: A boolean value.
 	BoolValue bool `json:"boolValue,omitempty"`

 	// DistributionValue: A distribution value.
 	DistributionValue *GoogleApiServicecontrolV1Distribution `json:"distributionValue,omitempty"`

 	// DoubleValue: A double precision floating point value.
 	DoubleValue float64 `json:"doubleValue,omitempty"`

 	// EndTime: The end of the time period over which this metric value's
 	// measurement applies. If not specified,
 	// google.api.servicecontrol.v1.Operation.end_time will be used.
 	EndTime string `json:"endTime,omitempty"`

 	// Int64Value: A signed 64-bit integer value.
 	Int64Value int64 `json:"int64Value,omitempty,string"`

 	// Labels: The labels describing the metric value. See comments on
 	// google.api.servicecontrol.v1.Operation.labels for the overriding
 	// relationship. Note that this map must not contain monitored resource
 	// labels.
 	Labels map[string]string `json:"labels,omitempty"`

 	// MoneyValue: A money value.
 	MoneyValue *Money `json:"moneyValue,omitempty"`

 	// StartTime: The start of the time period over which this metric
 	// value's measurement applies. The time period has different semantics
 	// for different metric types (cumulative, delta, and gauge). See the
 	// metric definition documentation in the service configuration for
 	// details. If not specified,
 	// google.api.servicecontrol.v1.Operation.start_time will be used.
 	StartTime string `json:"startTime,omitempty"`

 	// StringValue: A text string value.
 	StringValue string `json:"stringValue,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "BoolValue") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "BoolValue") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1MetricValue) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1MetricValue
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 func (s *GoogleApiServicecontrolV1MetricValue) UnmarshalJSON(data []byte) error {
 	type NoMethod GoogleApiServicecontrolV1MetricValue
 	var s1 struct {
 		DoubleValue gensupport.JSONFloat64 `json:"doubleValue"`
 		*NoMethod
 	}
 	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
 	s.DoubleValue = float64(s1.DoubleValue)
 	return nil
 }

 // GoogleApiServicecontrolV1MetricValueSet: Represents a set of metric
 // values in the same metric. Each metric value in the set should have a
 // unique combination of start time, end time, and label values.
 type GoogleApiServicecontrolV1MetricValueSet struct {
 	// MetricName: The metric name defined in the service configuration.
 	MetricName string `json:"metricName,omitempty"`

 	// MetricValues: The values in this metric.
 	MetricValues []*GoogleApiServicecontrolV1MetricValue `json:"metricValues,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "MetricName") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "MetricName") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1MetricValueSet) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1MetricValueSet
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1Operation: Represents information regarding
 // an operation.
 type GoogleApiServicecontrolV1Operation struct {
 	// ConsumerId: Identity of the consumer who is using the service. This
 	// field should be filled in for the operations initiated by a consumer,
 	// but not for service-initiated operations that are not related to a
 	// specific consumer. - This can be in one of the following formats: -
 	// project:PROJECT_ID, - project`_`number:PROJECT_NUMBER, -
 	// projects/PROJECT_ID or PROJECT_NUMBER, - folders/FOLDER_NUMBER, -
 	// organizations/ORGANIZATION_NUMBER, - api`_`key:API_KEY.
 	ConsumerId string `json:"consumerId,omitempty"`

 	// EndTime: End time of the operation. Required when the operation is
 	// used in ServiceController.Report, but optional when the operation is
 	// used in ServiceController.Check.
 	EndTime string `json:"endTime,omitempty"`

 	// Extensions: Unimplemented.
 	Extensions []googleapi.RawMessage `json:"extensions,omitempty"`

 	// Importance: DO NOT USE. This is an experimental field.
 	//
 	// Possible values:
 	//   "LOW" - Allows data caching, batching, and aggregation. It provides
 	// higher performance with higher data loss risk.
 	//   "HIGH" - Disables data aggregation to minimize data loss. It is for
 	// operations that contains significant monetary value or audit trail.
 	// This feature only applies to the client libraries.
 	//   "DEBUG" - Deprecated. Do not use. Disables data aggregation and
 	// enables additional validation logic. It should only be used during
 	// the onboarding process. It is only available to Google internal
 	// services, and the service must be approved by chemist-dev@google.com
 	// in order to use this level.
 	Importance string `json:"importance,omitempty"`

 	// Labels: Labels describing the operation. Only the following labels
 	// are allowed: - Labels describing monitored resources as defined in
 	// the service configuration. - Default labels of metric values. When
 	// specified, labels defined in the metric value override these default.
 	// - The following labels defined by Google Cloud Platform: -
 	// `cloud.googleapis.com/location` describing the location where the
 	// operation happened, - `servicecontrol.googleapis.com/user_agent`
 	// describing the user agent of the API request, -
 	// `servicecontrol.googleapis.com/service_agent` describing the service
 	// used to handle the API request (e.g. ESP), -
 	// `servicecontrol.googleapis.com/platform` describing the platform
 	// where the API is served, such as App Engine, Compute Engine, or
 	// Kubernetes Engine.
 	Labels map[string]string `json:"labels,omitempty"`

 	// LogEntries: Represents information to be logged.
 	LogEntries []*GoogleApiServicecontrolV1LogEntry `json:"logEntries,omitempty"`

 	// MetricValueSets: Represents information about this operation. Each
 	// MetricValueSet corresponds to a metric defined in the service
 	// configuration. The data type used in the MetricValueSet must agree
 	// with the data type specified in the metric definition. Within a
 	// single operation, it is not allowed to have more than one MetricValue
 	// instances that have the same metric names and identical label value
 	// combinations. If a request has such duplicated MetricValue instances,
 	// the entire request is rejected with an invalid argument error.
 	MetricValueSets []*GoogleApiServicecontrolV1MetricValueSet `json:"metricValueSets,omitempty"`

 	// OperationId: Identity of the operation. This must be unique within
 	// the scope of the service that generated the operation. If the service
 	// calls Check() and Report() on the same operation, the two calls
 	// should carry the same id. UUID version 4 is recommended, though not
 	// required. In scenarios where an operation is computed from existing
 	// information and an idempotent id is desirable for deduplication
 	// purpose, UUID version 5 is recommended. See RFC 4122 for details.
 	OperationId string `json:"operationId,omitempty"`

 	// OperationName: Fully qualified name of the operation. Reserved for
 	// future use.
 	OperationName string `json:"operationName,omitempty"`

 	// QuotaProperties: Represents the properties needed for quota check.
 	// Applicable only if this operation is for a quota check request. If
 	// this is not specified, no quota check will be performed.
 	QuotaProperties *GoogleApiServicecontrolV1QuotaProperties `json:"quotaProperties,omitempty"`

 	// Resources: The resources that are involved in the operation. The
 	// maximum supported number of entries in this field is 100.
 	Resources []*GoogleApiServicecontrolV1ResourceInfo `json:"resources,omitempty"`

 	// StartTime: Required. Start time of the operation.
 	StartTime string `json:"startTime,omitempty"`

 	// TraceSpans: Unimplemented. A list of Cloud Trace spans. The span
 	// names shall contain the id of the destination project which can be
 	// either the produce or the consumer project.
 	TraceSpans []*GoogleApiServicecontrolV1TraceSpan `json:"traceSpans,omitempty"`

 	// UserLabels: Private Preview. This feature is only available for
 	// approved services. User defined labels for the resource that this
 	// operation is associated with. Only a combination of 1000 user labels
 	// per consumer project are allowed.
 	UserLabels map[string]string `json:"userLabels,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ConsumerId") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ConsumerId") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1Operation) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1Operation
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1QuotaProperties: Represents the properties
 // needed for quota operations.
 type GoogleApiServicecontrolV1QuotaProperties struct {
 	// QuotaMode: Quota mode for this operation.
 	//
 	// Possible values:
 	//   "ACQUIRE" - Decreases available quota by the cost specified for the
 	// operation. If cost is higher than available quota, operation fails
 	// and returns error.
 	//   "ACQUIRE_BEST_EFFORT" - Decreases available quota by the cost
 	// specified for the operation. If cost is higher than available quota,
 	// operation does not fail and available quota goes down to zero but it
 	// returns error.
 	//   "CHECK" - Does not change any available quota. Only checks if there
 	// is enough quota. No lock is placed on the checked tokens neither.
 	//   "RELEASE" - Increases available quota by the operation cost
 	// specified for the operation.
 	QuotaMode string `json:"quotaMode,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "QuotaMode") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "QuotaMode") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1QuotaProperties) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1QuotaProperties
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1ReportRequest: Request message for the
 // Report method.
 type GoogleApiServicecontrolV1ReportRequest struct {
 	// Operations: Operations to be reported. Typically the service should
 	// report one operation per request. Putting multiple operations into a
 	// single request is allowed, but should be used only when multiple
 	// operations are natually available at the time of the report. There is
 	// no limit on the number of operations in the same ReportRequest,
 	// however the ReportRequest size should be no larger than 1MB. See
 	// ReportResponse.report_errors for partial failure behavior.
 	Operations []*GoogleApiServicecontrolV1Operation `json:"operations,omitempty"`

 	// ServiceConfigId: Specifies which version of service config should be
 	// used to process the request. If unspecified or no matching version
 	// can be found, the latest one will be used.
 	ServiceConfigId string `json:"serviceConfigId,omitempty"`

 	// ServiceName: The service name as specified in its service
 	// configuration. For example, "pubsub.googleapis.com". See
 	// google.api.Service
 	// (https://cloud.google.com/service-management/reference/rpc/google.api#google.api.Service)
 	// for the definition of a service name.
 	ServiceName string `json:"serviceName,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Operations") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Operations") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1ReportRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1ReportRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1ResourceInfo: Describes a resource
 // associated with this operation.
 type GoogleApiServicecontrolV1ResourceInfo struct {
 	// ResourceContainer: The identifier of the parent of this resource
 	// instance. Must be in one of the following formats: - `projects/` -
 	// `folders/` - `organizations/`
 	ResourceContainer string `json:"resourceContainer,omitempty"`

 	// ResourceLocation: The location of the resource. If not empty, the
 	// resource will be checked against location policy. The value must be a
 	// valid zone, region or multiregion. For example: "europe-west4" or
 	// "northamerica-northeast1-a"
 	ResourceLocation string `json:"resourceLocation,omitempty"`

 	// ResourceName: Name of the resource. This is used for auditing
 	// purposes.
 	ResourceName string `json:"resourceName,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ResourceContainer")
 	// to unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ResourceContainer") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1ResourceInfo) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1ResourceInfo
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1TraceSpan: A span represents a single
 // operation within a trace. Spans can be nested to form a trace tree.
 // Often, a trace contains a root span that describes the end-to-end
 // latency, and one or more subspans for its sub-operations. A trace can
 // also contain multiple root spans, or none at all. Spans do not need
 // to be contiguous—there may be gaps or overlaps between spans in a
 // trace.
 type GoogleApiServicecontrolV1TraceSpan struct {
 	// Attributes: A set of attributes on the span. You can have up to 32
 	// attributes per span.
 	Attributes *GoogleApiServicecontrolV1Attributes `json:"attributes,omitempty"`

 	// ChildSpanCount: An optional number of child spans that were generated
 	// while this span was active. If set, allows implementation to detect
 	// missing child spans.
 	ChildSpanCount int64 `json:"childSpanCount,omitempty"`

 	// DisplayName: A description of the span's operation (up to 128 bytes).
 	// Stackdriver Trace displays the description in the Google Cloud
 	// Platform Console. For example, the display name can be a qualified
 	// method name or a file name and a line number where the operation is
 	// called. A best practice is to use the same display name within an
 	// application and at the same call point. This makes it easier to
 	// correlate spans in different traces.
 	DisplayName *GoogleApiServicecontrolV1TruncatableString `json:"displayName,omitempty"`

 	// EndTime: The end time of the span. On the client side, this is the
 	// time kept by the local machine where the span execution ends. On the
 	// server side, this is the time when the server application handler
 	// stops running.
 	EndTime string `json:"endTime,omitempty"`

 	// Name: The resource name of the span in the following format:
 	// projects/[PROJECT_ID]/traces/[TRACE_ID]/spans/SPAN_ID is a unique
 	// identifier for a trace within a project; it is a 32-character
 	// hexadecimal encoding of a 16-byte array. [SPAN_ID] is a unique
 	// identifier for a span within a trace; it is a 16-character
 	// hexadecimal encoding of an 8-byte array.
 	Name string `json:"name,omitempty"`

 	// ParentSpanId: The [SPAN_ID] of this span's parent span. If this is a
 	// root span, then this field must be empty.
 	ParentSpanId string `json:"parentSpanId,omitempty"`

 	// SameProcessAsParentSpan: (Optional) Set this parameter to indicate
 	// whether this span is in the same process as its parent. If you do not
 	// set this parameter, Stackdriver Trace is unable to take advantage of
 	// this helpful information.
 	SameProcessAsParentSpan bool `json:"sameProcessAsParentSpan,omitempty"`

 	// SpanId: The [SPAN_ID] portion of the span's resource name.
 	SpanId string `json:"spanId,omitempty"`

 	// SpanKind: Distinguishes between spans generated in a particular
 	// context. For example, two spans with the same name may be
 	// distinguished using `CLIENT` (caller) and `SERVER` (callee) to
 	// identify an RPC call.
 	//
 	// Possible values:
 	//   "SPAN_KIND_UNSPECIFIED" - Unspecified. Do NOT use as default.
 	// Implementations MAY assume SpanKind.INTERNAL to be default.
 	//   "INTERNAL" - Indicates that the span is used internally. Default
 	// value.
 	//   "SERVER" - Indicates that the span covers server-side handling of
 	// an RPC or other remote network request.
 	//   "CLIENT" - Indicates that the span covers the client-side wrapper
 	// around an RPC or other remote request.
 	//   "PRODUCER" - Indicates that the span describes producer sending a
 	// message to a broker. Unlike client and server, there is no direct
 	// critical path latency relationship between producer and consumer
 	// spans (e.g. publishing a message to a pubsub service).
 	//   "CONSUMER" - Indicates that the span describes consumer receiving a
 	// message from a broker. Unlike client and server, there is no direct
 	// critical path latency relationship between producer and consumer
 	// spans (e.g. receiving a message from a pubsub service subscription).
 	SpanKind string `json:"spanKind,omitempty"`

 	// StartTime: The start time of the span. On the client side, this is
 	// the time kept by the local machine where the span execution starts.
 	// On the server side, this is the time when the server's application
 	// handler starts running.
 	StartTime string `json:"startTime,omitempty"`

 	// Status: An optional final status for this span.
 	Status *Status `json:"status,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Attributes") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Attributes") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1TraceSpan) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1TraceSpan
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // GoogleApiServicecontrolV1TruncatableString: Represents a string that
 // might be shortened to a specified length.
 type GoogleApiServicecontrolV1TruncatableString struct {
 	// TruncatedByteCount: The number of bytes removed from the original
 	// string. If this value is 0, then the string was not shortened.
 	TruncatedByteCount int64 `json:"truncatedByteCount,omitempty"`

 	// Value: The shortened string. For example, if the original string is
 	// 500 bytes long and the limit of the string is 128 bytes, then `value`
 	// contains the first 128 bytes of the 500-byte string. Truncation
 	// always happens on a UTF8 character boundary. If there are multi-byte
 	// characters in the string, then the length of the shortened string
 	// might be less than the size limit.
 	Value string `json:"value,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "TruncatedByteCount")
 	// to unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "TruncatedByteCount") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *GoogleApiServicecontrolV1TruncatableString) MarshalJSON() ([]byte, error) {
 	type NoMethod GoogleApiServicecontrolV1TruncatableString
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // IssuanceModes: IssuanceModes specifies the allowed ways in which
 // Certificates may be requested from this CertificateAuthority.
 type IssuanceModes struct {
 	// AllowConfigBasedIssuance: Required. When true, allows callers to
 	// create Certificates by specifying a CertificateConfig.
 	AllowConfigBasedIssuance bool `json:"allowConfigBasedIssuance,omitempty"`

 	// AllowCsrBasedIssuance: Required. When true, allows callers to create
 	// Certificates by specifying a CSR.
 	AllowCsrBasedIssuance bool `json:"allowCsrBasedIssuance,omitempty"`

 	// ForceSendFields is a list of field names (e.g.
 	// "AllowConfigBasedIssuance") to unconditionally include in API
 	// requests. By default, fields with empty values are omitted from API
 	// requests. However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AllowConfigBasedIssuance")
 	// to include in API requests with the JSON null value. By default,
 	// fields with empty values are omitted from API requests. However, any
 	// field with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *IssuanceModes) MarshalJSON() ([]byte, error) {
 	type NoMethod IssuanceModes
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // IssuingOptions: Options that affect all certificates issued by a
 // CertificateAuthority.
 type IssuingOptions struct {
 	// IncludeCaCertUrl: Required. When true, includes a URL to the issuing
 	// CA certificate in the "authority information access" X.509 extension.
 	IncludeCaCertUrl bool `json:"includeCaCertUrl,omitempty"`

 	// IncludeCrlAccessUrl: Required. When true, includes a URL to the CRL
 	// corresponding to certificates issued from a CertificateAuthority.
 	// CRLs will expire 7 days from their creation. However, we will rebuild
 	// daily. CRLs are also rebuilt shortly after a certificate is revoked.
 	IncludeCrlAccessUrl bool `json:"includeCrlAccessUrl,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "IncludeCaCertUrl") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "IncludeCaCertUrl") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *IssuingOptions) MarshalJSON() ([]byte, error) {
 	type NoMethod IssuingOptions
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // KeyId: A KeyId identifies a specific public key, usually by hashing
 // the public key.
 type KeyId struct {
 	// KeyId: Optional. The value of this KeyId encoded in lowercase
 	// hexadecimal. This is most likely the 160 bit SHA-1 hash of the public
 	// key.
 	KeyId string `json:"keyId,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "KeyId") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "KeyId") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *KeyId) MarshalJSON() ([]byte, error) {
 	type NoMethod KeyId
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // KeyUsage: A KeyUsage describes key usage values that may appear in an
 // X.509 certificate.
 type KeyUsage struct {
 	// BaseKeyUsage: Describes high-level ways in which a key may be used.
 	BaseKeyUsage *KeyUsageOptions `json:"baseKeyUsage,omitempty"`

 	// ExtendedKeyUsage: Detailed scenarios in which a key may be used.
 	ExtendedKeyUsage *ExtendedKeyUsageOptions `json:"extendedKeyUsage,omitempty"`

 	// UnknownExtendedKeyUsages: Used to describe extended key usages that
 	// are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
 	UnknownExtendedKeyUsages []*ObjectId `json:"unknownExtendedKeyUsages,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "BaseKeyUsage") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "BaseKeyUsage") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *KeyUsage) MarshalJSON() ([]byte, error) {
 	type NoMethod KeyUsage
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // KeyUsageOptions: KeyUsage.KeyUsageOptions corresponds to the key
 // usage values described in
 // https://tools.ietf.org/html/rfc5280#section-4.2.1.3.
 type KeyUsageOptions struct {
 	// CertSign: The key may be used to sign certificates.
 	CertSign bool `json:"certSign,omitempty"`

 	// ContentCommitment: The key may be used for cryptographic commitments.
 	// Note that this may also be referred to as "non-repudiation".
 	ContentCommitment bool `json:"contentCommitment,omitempty"`

 	// CrlSign: The key may be used sign certificate revocation lists.
 	CrlSign bool `json:"crlSign,omitempty"`

 	// DataEncipherment: The key may be used to encipher data.
 	DataEncipherment bool `json:"dataEncipherment,omitempty"`

 	// DecipherOnly: The key may be used to decipher only.
 	DecipherOnly bool `json:"decipherOnly,omitempty"`

 	// DigitalSignature: The key may be used for digital signatures.
 	DigitalSignature bool `json:"digitalSignature,omitempty"`

 	// EncipherOnly: The key may be used to encipher only.
 	EncipherOnly bool `json:"encipherOnly,omitempty"`

 	// KeyAgreement: The key may be used in a key agreement protocol.
 	KeyAgreement bool `json:"keyAgreement,omitempty"`

 	// KeyEncipherment: The key may be used to encipher other keys.
 	KeyEncipherment bool `json:"keyEncipherment,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "CertSign") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CertSign") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *KeyUsageOptions) MarshalJSON() ([]byte, error) {
 	type NoMethod KeyUsageOptions
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // KeyVersionSpec: A Cloud KMS key configuration that a
 // CertificateAuthority will use.
 type KeyVersionSpec struct {
 	// Algorithm: Required. The algorithm to use for creating a managed
 	// Cloud KMS key for a for a simplified experience. All managed keys
 	// will be have their ProtectionLevel as `HSM`.
 	//
 	// Possible values:
 	//   "SIGN_HASH_ALGORITHM_UNSPECIFIED" - Not specified.
 	//   "RSA_PSS_2048_SHA256" - maps to
 	// CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
 	//   "RSA_PSS_3072_SHA256" - maps to CryptoKeyVersionAlgorithm.
 	// RSA_SIGN_PSS_3072_SHA256
 	//   "RSA_PSS_4096_SHA256" - maps to
 	// CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
 	//   "RSA_PKCS1_2048_SHA256" - maps to
 	// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
 	//   "RSA_PKCS1_3072_SHA256" - maps to
 	// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
 	//   "RSA_PKCS1_4096_SHA256" - maps to
 	// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
 	//   "EC_P256_SHA256" - maps to
 	// CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
 	//   "EC_P384_SHA384" - maps to
 	// CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
 	Algorithm string `json:"algorithm,omitempty"`

 	// CloudKmsKeyVersion: Required. The resource name for an existing Cloud
 	// KMS CryptoKeyVersion in the format
 	// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
 	// This option enables full flexibility in the key's capabilities and
 	// properties.
 	CloudKmsKeyVersion string `json:"cloudKmsKeyVersion,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Algorithm") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Algorithm") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *KeyVersionSpec) MarshalJSON() ([]byte, error) {
 	type NoMethod KeyVersionSpec
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ListCertificateAuthoritiesResponse: Response message for
 // CertificateAuthorityService.ListCertificateAuthorities.
 type ListCertificateAuthoritiesResponse struct {
 	// CertificateAuthorities: The list of CertificateAuthorities.
 	CertificateAuthorities []*CertificateAuthority `json:"certificateAuthorities,omitempty"`

 	// NextPageToken: A token to retrieve next page of results. Pass this
 	// value in ListCertificateAuthoritiesRequest.next_page_token to
 	// retrieve the next page of results.
 	NextPageToken string `json:"nextPageToken,omitempty"`

 	// Unreachable: A list of locations (e.g. "us-west1") that could not be
 	// reached.
 	Unreachable []string `json:"unreachable,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g.
 	// "CertificateAuthorities") to unconditionally include in API requests.
 	// By default, fields with empty values are omitted from API requests.
 	// However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CertificateAuthorities")
 	// to include in API requests with the JSON null value. By default,
 	// fields with empty values are omitted from API requests. However, any
 	// field with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *ListCertificateAuthoritiesResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod ListCertificateAuthoritiesResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ListCertificateRevocationListsResponse: Response message for
 // CertificateAuthorityService.ListCertificateRevocationLists.
 type ListCertificateRevocationListsResponse struct {
 	// CertificateRevocationLists: The list of CertificateRevocationLists.
 	CertificateRevocationLists []*CertificateRevocationList `json:"certificateRevocationLists,omitempty"`

 	// NextPageToken: A token to retrieve next page of results. Pass this
 	// value in ListCertificateRevocationListsRequest.next_page_token to
 	// retrieve the next page of results.
 	NextPageToken string `json:"nextPageToken,omitempty"`

 	// Unreachable: A list of locations (e.g. "us-west1") that could not be
 	// reached.
 	Unreachable []string `json:"unreachable,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g.
 	// "CertificateRevocationLists") to unconditionally include in API
 	// requests. By default, fields with empty values are omitted from API
 	// requests. However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g.
 	// "CertificateRevocationLists") to include in API requests with the
 	// JSON null value. By default, fields with empty values are omitted
 	// from API requests. However, any field with an empty value appearing
 	// in NullFields will be sent to the server as null. It is an error if a
 	// field in this list has a non-empty value. This may be used to include
 	// null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ListCertificateRevocationListsResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod ListCertificateRevocationListsResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ListCertificatesResponse: Response message for
 // CertificateAuthorityService.ListCertificates.
 type ListCertificatesResponse struct {
 	// Certificates: The list of Certificates.
 	Certificates []*Certificate `json:"certificates,omitempty"`

 	// NextPageToken: A token to retrieve next page of results. Pass this
 	// value in ListCertificatesRequest.next_page_token to retrieve the next
 	// page of results.
 	NextPageToken string `json:"nextPageToken,omitempty"`

 	// Unreachable: A list of locations (e.g. "us-west1") that could not be
 	// reached.
 	Unreachable []string `json:"unreachable,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "Certificates") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Certificates") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ListCertificatesResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod ListCertificatesResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ListLocationsResponse: The response message for
 // Locations.ListLocations.
 type ListLocationsResponse struct {
 	// Locations: A list of locations that matches the specified filter in
 	// the request.
 	Locations []*Location `json:"locations,omitempty"`

 	// NextPageToken: The standard List next-page token.
 	NextPageToken string `json:"nextPageToken,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "Locations") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Locations") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ListLocationsResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod ListLocationsResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ListOperationsResponse: The response message for
 // Operations.ListOperations.
 type ListOperationsResponse struct {
 	// NextPageToken: The standard List next-page token.
 	NextPageToken string `json:"nextPageToken,omitempty"`

 	// Operations: A list of operations that matches the specified filter in
 	// the request.
 	Operations []*Operation `json:"operations,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "NextPageToken") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ListOperationsResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod ListOperationsResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ListReusableConfigsResponse: Response message for
 // CertificateAuthorityService.ListReusableConfigs.
 type ListReusableConfigsResponse struct {
 	// NextPageToken: A token to retrieve next page of results. Pass this
 	// value in ListReusableConfigsRequest.next_page_token to retrieve the
 	// next page of results.
 	NextPageToken string `json:"nextPageToken,omitempty"`

 	// ReusableConfigs: The list of ReusableConfigs.
 	ReusableConfigs []*ReusableConfig `json:"reusableConfigs,omitempty"`

 	// Unreachable: A list of locations (e.g. "us-west1") that could not be
 	// reached.
 	Unreachable []string `json:"unreachable,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "NextPageToken") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ListReusableConfigsResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod ListReusableConfigsResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Location: A resource that represents Google Cloud Platform location.
 type Location struct {
 	// DisplayName: The friendly name for this location, typically a nearby
 	// city name. For example, "Tokyo".
 	DisplayName string `json:"displayName,omitempty"`

 	// Labels: Cross-service attributes for the location. For example
 	// {"cloud.googleapis.com/region": "us-east1"}
 	Labels map[string]string `json:"labels,omitempty"`

 	// LocationId: The canonical id for this location. For example:
 	// "us-east1".
 	LocationId string `json:"locationId,omitempty"`

 	// Metadata: Service-specific metadata. For example the available
 	// capacity at the given location.
 	Metadata googleapi.RawMessage `json:"metadata,omitempty"`

 	// Name: Resource name for the location, which may vary between
 	// implementations. For example:
 	// "projects/example-project/locations/us-east1"
 	Name string `json:"name,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "DisplayName") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "DisplayName") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Location) MarshalJSON() ([]byte, error) {
 	type NoMethod Location
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Money: Represents an amount of money with its currency type.
 type Money struct {
 	// CurrencyCode: The three-letter currency code defined in ISO 4217.
 	CurrencyCode string `json:"currencyCode,omitempty"`

 	// Nanos: Number of nano (10^-9) units of the amount. The value must be
 	// between -999,999,999 and +999,999,999 inclusive. If `units` is
 	// positive, `nanos` must be positive or zero. If `units` is zero,
 	// `nanos` can be positive, zero, or negative. If `units` is negative,
 	// `nanos` must be negative or zero. For example $-1.75 is represented
 	// as `units`=-1 and `nanos`=-750,000,000.
 	Nanos int64 `json:"nanos,omitempty"`

 	// Units: The whole units of the amount. For example if `currencyCode`
 	// is "USD", then 1 unit is one US dollar.
 	Units int64 `json:"units,omitempty,string"`

 	// ForceSendFields is a list of field names (e.g. "CurrencyCode") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CurrencyCode") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Money) MarshalJSON() ([]byte, error) {
 	type NoMethod Money
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ObjectId: An ObjectId specifies an object identifier (OID). These
 // provide context and describe types in ASN.1 messages.
 type ObjectId struct {
 	// ObjectIdPath: Required. The parts of an OID path. The most
 	// significant parts of the path come first.
 	ObjectIdPath []int64 `json:"objectIdPath,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ObjectIdPath") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ObjectIdPath") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ObjectId) MarshalJSON() ([]byte, error) {
 	type NoMethod ObjectId
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Operation: This resource represents a long-running operation that is
 // the result of a network API call.
 type Operation struct {
 	// Done: If the value is `false`, it means the operation is still in
 	// progress. If `true`, the operation is completed, and either `error`
 	// or `response` is available.
 	Done bool `json:"done,omitempty"`

 	// Error: The error result of the operation in case of failure or
 	// cancellation.
 	Error *Status `json:"error,omitempty"`

 	// Metadata: Service-specific metadata associated with the operation. It
 	// typically contains progress information and common metadata such as
 	// create time. Some services might not provide such metadata. Any
 	// method that returns a long-running operation should document the
 	// metadata type, if any.
 	Metadata googleapi.RawMessage `json:"metadata,omitempty"`

 	// Name: The server-assigned name, which is only unique within the same
 	// service that originally returns it. If you use the default HTTP
 	// mapping, the `name` should be a resource name ending with
 	// `operations/{unique_id}`.
 	Name string `json:"name,omitempty"`

 	// Response: The normal response of the operation in case of success. If
 	// the original method returns no data on success, such as `Delete`, the
 	// response is `google.protobuf.Empty`. If the original method is
 	// standard `Get`/`Create`/`Update`, the response should be the
 	// resource. For other methods, the response should have the type
 	// `XxxResponse`, where `Xxx` is the original method name. For example,
 	// if the original method name is `TakeSnapshot()`, the inferred
 	// response type is `TakeSnapshotResponse`.
 	Response googleapi.RawMessage `json:"response,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "Done") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Done") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Operation) MarshalJSON() ([]byte, error) {
 	type NoMethod Operation
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // OperationMetadata: Represents the metadata of the long-running
 // operation.
 type OperationMetadata struct {
 	// ApiVersion: Output only. API version used to start the operation.
 	ApiVersion string `json:"apiVersion,omitempty"`

 	// CreateTime: Output only. The time the operation was created.
 	CreateTime string `json:"createTime,omitempty"`

 	// EndTime: Output only. The time the operation finished running.
 	EndTime string `json:"endTime,omitempty"`

 	// RequestedCancellation: Output only. Identifies whether the user has
 	// requested cancellation of the operation. Operations that have
 	// successfully been cancelled have Operation.error value with a
 	// google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.
 	RequestedCancellation bool `json:"requestedCancellation,omitempty"`

 	// StatusMessage: Output only. Human-readable status of the operation,
 	// if any.
 	StatusMessage string `json:"statusMessage,omitempty"`

 	// Target: Output only. Server-defined resource path for the target of
 	// the operation.
 	Target string `json:"target,omitempty"`

 	// Verb: Output only. Name of the verb executed by the operation.
 	Verb string `json:"verb,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ApiVersion") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ApiVersion") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *OperationMetadata) MarshalJSON() ([]byte, error) {
 	type NoMethod OperationMetadata
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Policy: An Identity and Access Management (IAM) policy, which
 // specifies access controls for Google Cloud resources. A `Policy` is a
 // collection of `bindings`. A `binding` binds one or more `members` to
 // a single `role`. Members can be user accounts, service accounts,
 // Google groups, and domains (such as G Suite). A `role` is a named
 // list of permissions; each `role` can be an IAM predefined role or a
 // user-created custom role. For some types of Google Cloud resources, a
 // `binding` can also specify a `condition`, which is a logical
 // expression that allows access to a resource only if the expression
 // evaluates to `true`. A condition can add constraints based on
 // attributes of the request, the resource, or both. To learn which
 // resources support conditions in their IAM policies, see the IAM
 // documentation
 // (https://cloud.google.com/iam/help/conditions/resource-policies).
 // **JSON example:** { "bindings": [ { "role":
 // "roles/resourcemanager.organizationAdmin", "members": [
 // "user:mike@example.com", "group:admins@example.com",
 // "domain:google.com",
 // "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, {
 // "role": "roles/resourcemanager.organizationViewer", "members": [
 // "user:eve@example.com" ], "condition": { "title": "expirable access",
 // "description": "Does not grant access after Sep 2020", "expression":
 // "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ],
 // "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: -
 // members: - user:mike@example.com - group:admins@example.com -
 // domain:google.com -
 // serviceAccount:my-project-id@appspot.gserviceaccount.com role:
 // roles/resourcemanager.organizationAdmin - members: -
 // user:eve@example.com role: roles/resourcemanager.organizationViewer
 // condition: title: expirable access description: Does not grant access
 // after Sep 2020 expression: request.time <
 // timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version:
 // 3 For a description of IAM and its features, see the IAM
 // documentation (https://cloud.google.com/iam/docs/).
 type Policy struct {
 	// AuditConfigs: Specifies cloud audit logging configuration for this
 	// policy.
 	AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"`

 	// Bindings: Associates a list of `members` to a `role`. Optionally, may
 	// specify a `condition` that determines how and when the `bindings` are
 	// applied. Each of the `bindings` must contain at least one member.
 	Bindings []*Binding `json:"bindings,omitempty"`

 	// Etag: `etag` is used for optimistic concurrency control as a way to
 	// help prevent simultaneous updates of a policy from overwriting each
 	// other. It is strongly suggested that systems make use of the `etag`
 	// in the read-modify-write cycle to perform policy updates in order to
 	// avoid race conditions: An `etag` is returned in the response to
 	// `getIamPolicy`, and systems are expected to put that etag in the
 	// request to `setIamPolicy` to ensure that their change will be applied
 	// to the same version of the policy. **Important:** If you use IAM
 	// Conditions, you must include the `etag` field whenever you call
 	// `setIamPolicy`. If you omit this field, then IAM allows you to
 	// overwrite a version `3` policy with a version `1` policy, and all of
 	// the conditions in the version `3` policy are lost.
 	Etag string `json:"etag,omitempty"`

 	// Version: Specifies the format of the policy. Valid values are `0`,
 	// `1`, and `3`. Requests that specify an invalid value are rejected.
 	// Any operation that affects conditional role bindings must specify
 	// version `3`. This requirement applies to the following operations: *
 	// Getting a policy that includes a conditional role binding * Adding a
 	// conditional role binding to a policy * Changing a conditional role
 	// binding in a policy * Removing any role binding, with or without a
 	// condition, from a policy that includes conditions **Important:** If
 	// you use IAM Conditions, you must include the `etag` field whenever
 	// you call `setIamPolicy`. If you omit this field, then IAM allows you
 	// to overwrite a version `3` policy with a version `1` policy, and all
 	// of the conditions in the version `3` policy are lost. If a policy
 	// does not include any conditions, operations on that policy may
 	// specify any valid version or leave the field unset. To learn which
 	// resources support conditions in their IAM policies, see the IAM
 	// documentation
 	// (https://cloud.google.com/iam/help/conditions/resource-policies).
 	Version int64 `json:"version,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "AuditConfigs") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AuditConfigs") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Policy) MarshalJSON() ([]byte, error) {
 	type NoMethod Policy
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // PublicKey: A PublicKey describes a public key.
 type PublicKey struct {
 	// Key: Required. A public key. When this is specified in a request, the
 	// padding and encoding can be any of the options described by the
 	// respective 'KeyType' value. When this is generated by the service, it
 	// will always be an RFC 5280 SubjectPublicKeyInfo
 	// (https://tools.ietf.org/html/rfc5280#section-4.1) structure
 	// containing an algorithm identifier and a key.
 	Key string `json:"key,omitempty"`

 	// Type: Optional. The type of public key. If specified, it must match
 	// the public key used for the`key` field.
 	//
 	// Possible values:
 	//   "KEY_TYPE_UNSPECIFIED" - Default unspecified value.
 	//   "PEM_RSA_KEY" - A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey
 	// structure, or an RFC 5280
 	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1
 	// ) structure containing the former.
 	//   "PEM_EC_KEY" - An RFC 5280
 	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1
 	// ) structure containing a PEM-encoded compressed NIST
 	// P-256/secp256r1/prime256v1 or P-384 key.
 	Type string `json:"type,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Key") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Key") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *PublicKey) MarshalJSON() ([]byte, error) {
 	type NoMethod PublicKey
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // RestoreCertificateAuthorityRequest: Request message for
 // CertificateAuthorityService.RestoreCertificateAuthority.
 type RestoreCertificateAuthorityRequest struct {
 	// RequestId: Optional. An ID to identify requests. Specify a unique
 	// request ID so that if you must retry your request, the server will
 	// know to ignore the request if it has already been completed. The
 	// server will guarantee that for at least 60 minutes since the first
 	// request. For example, consider a situation where you make an initial
 	// request and t he request times out. If you make the request again
 	// with the same request ID, the server can check if original operation
 	// with the same request ID was received, and if so, will ignore the
 	// second request. This prevents clients from accidentally creating
 	// duplicate commitments. The request ID must be a valid UUID with the
 	// exception that zero UUID is not supported
 	// (00000000-0000-0000-0000-000000000000).
 	RequestId string `json:"requestId,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "RequestId") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "RequestId") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *RestoreCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod RestoreCertificateAuthorityRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ReusableConfig: A ReusableConfig refers to a managed
 // ReusableConfigValues. Those, in turn, are used to describe certain
 // fields of an X.509 certificate, such as the key usage fields, fields
 // specific to CA certificates, certificate policy extensions and custom
 // extensions.
 type ReusableConfig struct {
 	// CreateTime: Output only. The time at which this ReusableConfig was
 	// created.
 	CreateTime string `json:"createTime,omitempty"`

 	// Description: Optional. A human-readable description of scenarios
 	// these ReusableConfigValues may be compatible with.
 	Description string `json:"description,omitempty"`

 	// Labels: Optional. Labels with user-defined metadata.
 	Labels map[string]string `json:"labels,omitempty"`

 	// Name: Output only. The resource path for this ReusableConfig in the
 	// format `projects/*/locations/*/reusableConfigs/*`.
 	Name string `json:"name,omitempty"`

 	// UpdateTime: Output only. The time at which this ReusableConfig was
 	// updated.
 	UpdateTime string `json:"updateTime,omitempty"`

 	// Values: Required. The config values.
 	Values *ReusableConfigValues `json:"values,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "CreateTime") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CreateTime") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *ReusableConfig) MarshalJSON() ([]byte, error) {
 	type NoMethod ReusableConfig
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ReusableConfigValues: A ReusableConfigValues is used to describe
 // certain fields of an X.509 certificate, such as the key usage fields,
 // fields specific to CA certificates, certificate policy extensions and
 // custom extensions.
 type ReusableConfigValues struct {
 	// AdditionalExtensions: Optional. Describes custom X.509 extensions.
 	AdditionalExtensions []*X509Extension `json:"additionalExtensions,omitempty"`

 	// AiaOcspServers: Optional. Describes Online Certificate Status
 	// Protocol (OCSP) endpoint addresses that appear in the "Authority
 	// Information Access" extension in the certificate.
 	AiaOcspServers []string `json:"aiaOcspServers,omitempty"`

 	// CaOptions: Optional. Describes options in this ReusableConfigValues
 	// that are relevant in a CA certificate.
 	CaOptions *CaOptions `json:"caOptions,omitempty"`

 	// KeyUsage: Optional. Indicates the intended use for keys that
 	// correspond to a certificate.
 	KeyUsage *KeyUsage `json:"keyUsage,omitempty"`

 	// PolicyIds: Optional. Describes the X.509 certificate policy object
 	// identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
 	PolicyIds []*ObjectId `json:"policyIds,omitempty"`

 	// ForceSendFields is a list of field names (e.g.
 	// "AdditionalExtensions") to unconditionally include in API requests.
 	// By default, fields with empty values are omitted from API requests.
 	// However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "AdditionalExtensions") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *ReusableConfigValues) MarshalJSON() ([]byte, error) {
 	type NoMethod ReusableConfigValues
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ReusableConfigWrapper: A ReusableConfigWrapper describes values that
 // may assist in creating an X.509 certificate, or a reference to a
 // pre-defined set of values.
 type ReusableConfigWrapper struct {
 	// ReusableConfig: Required. A resource path to a ReusableConfig in the
 	// format `projects/*/locations/*/reusableConfigs/*`.
 	ReusableConfig string `json:"reusableConfig,omitempty"`

 	// ReusableConfigValues: Required. A user-specified inline
 	// ReusableConfigValues.
 	ReusableConfigValues *ReusableConfigValues `json:"reusableConfigValues,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "ReusableConfig") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "ReusableConfig") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *ReusableConfigWrapper) MarshalJSON() ([]byte, error) {
 	type NoMethod ReusableConfigWrapper
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // RevocationDetails: Describes fields that are relavent to the
 // revocation of a Certificate.
 type RevocationDetails struct {
 	// RevocationState: Indicates why a Certificate was revoked.
 	//
 	// Possible values:
 	//   "REVOCATION_REASON_UNSPECIFIED" - Default unspecified value. This
 	// value does indicate that a Certificate has been revoked, but that a
 	// reason has not been recorded.
 	//   "KEY_COMPROMISE" - Key material for this Certificate may have
 	// leaked.
 	//   "CERTIFICATE_AUTHORITY_COMPROMISE" - The key material for a
 	// certificate authority in the issuing path may have leaked.
 	//   "AFFILIATION_CHANGED" - The subject or other attributes in this
 	// Certificate have changed.
 	//   "SUPERSEDED" - This Certificate has been superseded.
 	//   "CESSATION_OF_OPERATION" - This Certificate or entities in the
 	// issuing path have ceased to operate.
 	//   "CERTIFICATE_HOLD" - This Certificate should not be considered
 	// valid, it is expected that it may become valid in the future.
 	//   "PRIVILEGE_WITHDRAWN" - This Certificate no longer has permission
 	// to assert the listed attributes.
 	//   "ATTRIBUTE_AUTHORITY_COMPROMISE" - The authority which determines
 	// appropriate attributes for a Certificate may have been compromised.
 	RevocationState string `json:"revocationState,omitempty"`

 	// RevocationTime: The time at which this Certificate was revoked.
 	RevocationTime string `json:"revocationTime,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "RevocationState") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "RevocationState") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *RevocationDetails) MarshalJSON() ([]byte, error) {
 	type NoMethod RevocationDetails
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // RevokeCertificateRequest: Request message for
 // CertificateAuthorityService.RevokeCertificate.
 type RevokeCertificateRequest struct {
 	// Reason: Required. The RevocationReason for revoking this certificate.
 	//
 	// Possible values:
 	//   "REVOCATION_REASON_UNSPECIFIED" - Default unspecified value. This
 	// value does indicate that a Certificate has been revoked, but that a
 	// reason has not been recorded.
 	//   "KEY_COMPROMISE" - Key material for this Certificate may have
 	// leaked.
 	//   "CERTIFICATE_AUTHORITY_COMPROMISE" - The key material for a
 	// certificate authority in the issuing path may have leaked.
 	//   "AFFILIATION_CHANGED" - The subject or other attributes in this
 	// Certificate have changed.
 	//   "SUPERSEDED" - This Certificate has been superseded.
 	//   "CESSATION_OF_OPERATION" - This Certificate or entities in the
 	// issuing path have ceased to operate.
 	//   "CERTIFICATE_HOLD" - This Certificate should not be considered
 	// valid, it is expected that it may become valid in the future.
 	//   "PRIVILEGE_WITHDRAWN" - This Certificate no longer has permission
 	// to assert the listed attributes.
 	//   "ATTRIBUTE_AUTHORITY_COMPROMISE" - The authority which determines
 	// appropriate attributes for a Certificate may have been compromised.
 	Reason string `json:"reason,omitempty"`

 	// RequestId: Optional. An ID to identify requests. Specify a unique
 	// request ID so that if you must retry your request, the server will
 	// know to ignore the request if it has already been completed. The
 	// server will guarantee that for at least 60 minutes since the first
 	// request. For example, consider a situation where you make an initial
 	// request and t he request times out. If you make the request again
 	// with the same request ID, the server can check if original operation
 	// with the same request ID was received, and if so, will ignore the
 	// second request. This prevents clients from accidentally creating
 	// duplicate commitments. The request ID must be a valid UUID with the
 	// exception that zero UUID is not supported
 	// (00000000-0000-0000-0000-000000000000).
 	RequestId string `json:"requestId,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Reason") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Reason") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *RevokeCertificateRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod RevokeCertificateRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // RevokedCertificate: Describes a revoked Certificate.
 type RevokedCertificate struct {
 	// Certificate: The resource path for the Certificate in the format
 	// `projects/*/locations/*/certificateAuthorities/*/certificates/*`.
 	Certificate string `json:"certificate,omitempty"`

 	// HexSerialNumber: The serial number of the Certificate.
 	HexSerialNumber string `json:"hexSerialNumber,omitempty"`

 	// RevocationReason: The reason the Certificate was revoked.
 	//
 	// Possible values:
 	//   "REVOCATION_REASON_UNSPECIFIED" - Default unspecified value. This
 	// value does indicate that a Certificate has been revoked, but that a
 	// reason has not been recorded.
 	//   "KEY_COMPROMISE" - Key material for this Certificate may have
 	// leaked.
 	//   "CERTIFICATE_AUTHORITY_COMPROMISE" - The key material for a
 	// certificate authority in the issuing path may have leaked.
 	//   "AFFILIATION_CHANGED" - The subject or other attributes in this
 	// Certificate have changed.
 	//   "SUPERSEDED" - This Certificate has been superseded.
 	//   "CESSATION_OF_OPERATION" - This Certificate or entities in the
 	// issuing path have ceased to operate.
 	//   "CERTIFICATE_HOLD" - This Certificate should not be considered
 	// valid, it is expected that it may become valid in the future.
 	//   "PRIVILEGE_WITHDRAWN" - This Certificate no longer has permission
 	// to assert the listed attributes.
 	//   "ATTRIBUTE_AUTHORITY_COMPROMISE" - The authority which determines
 	// appropriate attributes for a Certificate may have been compromised.
 	RevocationReason string `json:"revocationReason,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Certificate") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Certificate") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *RevokedCertificate) MarshalJSON() ([]byte, error) {
 	type NoMethod RevokedCertificate
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // ScheduleDeleteCertificateAuthorityRequest: Request message for
 // CertificateAuthorityService.ScheduleDeleteCertificateAuthority.
 type ScheduleDeleteCertificateAuthorityRequest struct {
 	// IgnoreActiveCertificates: Optional. This field allows the CA to be
 	// scheduled for deletion even if the CA has active certs. Active certs
 	// include both unrevoked and unexpired certs.
 	IgnoreActiveCertificates bool `json:"ignoreActiveCertificates,omitempty"`

 	// RequestId: Optional. An ID to identify requests. Specify a unique
 	// request ID so that if you must retry your request, the server will
 	// know to ignore the request if it has already been completed. The
 	// server will guarantee that for at least 60 minutes since the first
 	// request. For example, consider a situation where you make an initial
 	// request and t he request times out. If you make the request again
 	// with the same request ID, the server can check if original operation
 	// with the same request ID was received, and if so, will ignore the
 	// second request. This prevents clients from accidentally creating
 	// duplicate commitments. The request ID must be a valid UUID with the
 	// exception that zero UUID is not supported
 	// (00000000-0000-0000-0000-000000000000).
 	RequestId string `json:"requestId,omitempty"`

 	// ForceSendFields is a list of field names (e.g.
 	// "IgnoreActiveCertificates") to unconditionally include in API
 	// requests. By default, fields with empty values are omitted from API
 	// requests. However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "IgnoreActiveCertificates")
 	// to include in API requests with the JSON null value. By default,
 	// fields with empty values are omitted from API requests. However, any
 	// field with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *ScheduleDeleteCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod ScheduleDeleteCertificateAuthorityRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // SetIamPolicyRequest: Request message for `SetIamPolicy` method.
 type SetIamPolicyRequest struct {
 	// Policy: REQUIRED: The complete policy to be applied to the
 	// `resource`. The size of the policy is limited to a few 10s of KB. An
 	// empty policy is a valid policy but certain Cloud Platform services
 	// (such as Projects) might reject them.
 	Policy *Policy `json:"policy,omitempty"`

 	// UpdateMask: OPTIONAL: A FieldMask specifying which fields of the
 	// policy to modify. Only the fields in the mask will be modified. If no
 	// mask is provided, the following default mask is used: `paths:
 	// "bindings, etag"
 	UpdateMask string `json:"updateMask,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Policy") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Policy") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod SetIamPolicyRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Status: The `Status` type defines a logical error model that is
 // suitable for different programming environments, including REST APIs
 // and RPC APIs. It is used by gRPC (https://github.com/grpc). Each
 // `Status` message contains three pieces of data: error code, error
 // message, and error details. You can find out more about this error
 // model and how to work with it in the API Design Guide
 // (https://cloud.google.com/apis/design/errors).
 type Status struct {
 	// Code: The status code, which should be an enum value of
 	// google.rpc.Code.
 	Code int64 `json:"code,omitempty"`

 	// Details: A list of messages that carry the error details. There is a
 	// common set of message types for APIs to use.
 	Details []googleapi.RawMessage `json:"details,omitempty"`

 	// Message: A developer-facing error message, which should be in
 	// English. Any user-facing error message should be localized and sent
 	// in the google.rpc.Status.details field, or localized by the client.
 	Message string `json:"message,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Code") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Code") to include in API
 	// requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Status) MarshalJSON() ([]byte, error) {
 	type NoMethod Status
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // Subject: Subject describes parts of a distinguished name that, in
 // turn, describes the subject of the certificate.
 type Subject struct {
 	// CountryCode: The country code of the subject.
 	CountryCode string `json:"countryCode,omitempty"`

 	// Locality: The locality or city of the subject.
 	Locality string `json:"locality,omitempty"`

 	// Organization: The organization of the subject.
 	Organization string `json:"organization,omitempty"`

 	// OrganizationalUnit: The organizational_unit of the subject.
 	OrganizationalUnit string `json:"organizationalUnit,omitempty"`

 	// PostalCode: The postal code of the subject.
 	PostalCode string `json:"postalCode,omitempty"`

 	// Province: The province, territory, or regional state of the subject.
 	Province string `json:"province,omitempty"`

 	// StreetAddress: The street address of the subject.
 	StreetAddress string `json:"streetAddress,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "CountryCode") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CountryCode") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *Subject) MarshalJSON() ([]byte, error) {
 	type NoMethod Subject
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // SubjectAltNames: SubjectAltNames corresponds to a more modern way of
 // listing what the asserted identity is in a certificate (i.e.,
 // compared to the "common name" in the distinguished name).
 type SubjectAltNames struct {
 	// CustomSans: Contains additional subject alternative name values.
 	CustomSans []*X509Extension `json:"customSans,omitempty"`

 	// DnsNames: Contains only valid, fully-qualified host names.
 	DnsNames []string `json:"dnsNames,omitempty"`

 	// EmailAddresses: Contains only valid RFC 2822 E-mail addresses.
 	EmailAddresses []string `json:"emailAddresses,omitempty"`

 	// IpAddresses: Contains only valid 32-bit IPv4 addresses or RFC 4291
 	// IPv6 addresses.
 	IpAddresses []string `json:"ipAddresses,omitempty"`

 	// Uris: Contains only valid RFC 3986 URIs.
 	Uris []string `json:"uris,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "CustomSans") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CustomSans") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *SubjectAltNames) MarshalJSON() ([]byte, error) {
 	type NoMethod SubjectAltNames
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // SubjectConfig: These values are used to create the distinguished name
 // and subject alternative name fields in an X.509 certificate.
 type SubjectConfig struct {
 	// CommonName: Optional. The "common name" of the distinguished name.
 	CommonName string `json:"commonName,omitempty"`

 	// Subject: Required. Contains distinguished name fields such as the
 	// location and organization.
 	Subject *Subject `json:"subject,omitempty"`

 	// SubjectAltName: Optional. The subject alternative name fields.
 	SubjectAltName *SubjectAltNames `json:"subjectAltName,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "CommonName") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CommonName") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *SubjectConfig) MarshalJSON() ([]byte, error) {
 	type NoMethod SubjectConfig
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // SubjectDescription: These values describe fields in an issued X.509
 // certificate such as the distinguished name, subject alternative
 // names, serial number, and lifetime.
 type SubjectDescription struct {
 	// CommonName: The "common name" of the distinguished name.
 	CommonName string `json:"commonName,omitempty"`

 	// HexSerialNumber: The serial number encoded in lowercase hexadecimal.
 	HexSerialNumber string `json:"hexSerialNumber,omitempty"`

 	// Lifetime: For convenience, the actual lifetime of an issued
 	// certificate. Corresponds to 'not_after_time' - 'not_before_time'.
 	Lifetime string `json:"lifetime,omitempty"`

 	// NotAfterTime: The time at which the certificate expires.
 	NotAfterTime string `json:"notAfterTime,omitempty"`

 	// NotBeforeTime: The time at which the certificate becomes valid.
 	NotBeforeTime string `json:"notBeforeTime,omitempty"`

 	// Subject: Contains distinguished name fields such as the location and
 	// organization.
 	Subject *Subject `json:"subject,omitempty"`

 	// SubjectAltName: The subject alternative name fields.
 	SubjectAltName *SubjectAltNames `json:"subjectAltName,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "CommonName") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CommonName") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *SubjectDescription) MarshalJSON() ([]byte, error) {
 	type NoMethod SubjectDescription
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // SubordinateConfig: Describes a subordinate CA's issuers. This is
 // either a resource path to a known issuing CertificateAuthority, or a
 // PEM issuer certificate chain.
 type SubordinateConfig struct {
 	// CertificateAuthority: Required. This can refer to a
 	// CertificateAuthority in the same project that was used to create a
 	// subordinate CertificateAuthority. This field is used for information
 	// and usability purposes only. The resource name is in the format
 	// `projects/*/locations/*/certificateAuthorities/*`.
 	CertificateAuthority string `json:"certificateAuthority,omitempty"`

 	// PemIssuerChain: Required. Contains the PEM certificate chain for the
 	// issuers of this CertificateAuthority, but not pem certificate for
 	// this CA itself.
 	PemIssuerChain *SubordinateConfigChain `json:"pemIssuerChain,omitempty"`

 	// ForceSendFields is a list of field names (e.g.
 	// "CertificateAuthority") to unconditionally include in API requests.
 	// By default, fields with empty values are omitted from API requests.
 	// However, any non-pointer, non-interface field appearing in
 	// ForceSendFields will be sent to the server regardless of whether the
 	// field is empty or not. This may be used to include empty fields in
 	// Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "CertificateAuthority") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *SubordinateConfig) MarshalJSON() ([]byte, error) {
 	type NoMethod SubordinateConfig
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // SubordinateConfigChain: This message describes a subordinate CA's
 // issuer certificate chain. This wrapper exists for compatibility
 // reasons.
 type SubordinateConfigChain struct {
 	// PemCertificates: Required. Expected to be in leaf-to-root order
 	// according to RFC 5246.
 	PemCertificates []string `json:"pemCertificates,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "PemCertificates") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "PemCertificates") to
 	// include in API requests with the JSON null value. By default, fields
 	// with empty values are omitted from API requests. However, any field
 	// with an empty value appearing in NullFields will be sent to the
 	// server as null. It is an error if a field in this list has a
 	// non-empty value. This may be used to include null fields in Patch
 	// requests.
 	NullFields []string `json:"-"`
 }

 func (s *SubordinateConfigChain) MarshalJSON() ([]byte, error) {
 	type NoMethod SubordinateConfigChain
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // TestIamPermissionsRequest: Request message for `TestIamPermissions`
 // method.
 type TestIamPermissionsRequest struct {
 	// Permissions: The set of permissions to check for the `resource`.
 	// Permissions with wildcards (such as '*' or 'storage.*') are not
 	// allowed. For more information see IAM Overview
 	// (https://cloud.google.com/iam/docs/overview#permissions).
 	Permissions []string `json:"permissions,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Permissions") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Permissions") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) {
 	type NoMethod TestIamPermissionsRequest
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // TestIamPermissionsResponse: Response message for `TestIamPermissions`
 // method.
 type TestIamPermissionsResponse struct {
 	// Permissions: A subset of `TestPermissionsRequest.permissions` that
 	// the caller is allowed.
 	Permissions []string `json:"permissions,omitempty"`

 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`

 	// ForceSendFields is a list of field names (e.g. "Permissions") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Permissions") to include
 	// in API requests with the JSON null value. By default, fields with
 	// empty values are omitted from API requests. However, any field with
 	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) {
 	type NoMethod TestIamPermissionsResponse
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // X509Extension: An X509Extension specifies an X.509 extension, which
 // may be used in different parts of X.509 objects like certificates,
 // CSRs, and CRLs.
 type X509Extension struct {
 	// Critical: Required. Indicates whether or not this extension is
 	// critical (i.e., if the client does not know how to handle this
 	// extension, the client should consider this to be an error).
 	Critical bool `json:"critical,omitempty"`

 	// ObjectId: Required. The OID for this X.509 extension.
 	ObjectId *ObjectId `json:"objectId,omitempty"`

 	// Value: Required. The value of this X.509 extension.
 	Value string `json:"value,omitempty"`

 	// ForceSendFields is a list of field names (e.g. "Critical") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`

 	// NullFields is a list of field names (e.g. "Critical") to include in
 	// API requests with the JSON null value. By default, fields with empty
 	// values are omitted from API requests. However, any field with an
 	// empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }

 func (s *X509Extension) MarshalJSON() ([]byte, error) {
 	type NoMethod X509Extension
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }

 // method id "privateca.projects.locations.get":

 type ProjectsLocationsGetCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // Get: Gets information about a location.
 func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall {
 	c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsGetCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.get" call.
 // Exactly one of *Location or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Location.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Location{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Gets information about a location.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.get",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Resource name for the location.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "response": {
 	//     "$ref": "Location"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.list":

 type ProjectsLocationsListCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // List: Lists information about the supported locations for this
 // service.
 func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall {
 	c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Filter sets the optional parameter "filter": The standard list
 // filter.
 func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall {
 	c.urlParams_.Set("filter", filter)
 	return c
 }

 // PageSize sets the optional parameter "pageSize": The standard list
 // page size.
 func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall {
 	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 	return c
 }

 // PageToken sets the optional parameter "pageToken": The standard list
 // page token.
 func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall {
 	c.urlParams_.Set("pageToken", pageToken)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsListCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}/locations")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.list" call.
 // Exactly one of *ListLocationsResponse or error will be non-nil. Any
 // non-2xx status code is an error. Response headers are in either
 // *ListLocationsResponse.ServerResponse.Header or (if a response was
 // returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &ListLocationsResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Lists information about the supported locations for this service.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.list",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "filter": {
 	//       "description": "The standard list filter.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "name": {
 	//       "description": "The resource that owns the locations collection, if applicable.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     },
 	//     "pageSize": {
 	//       "description": "The standard list page size.",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "pageToken": {
 	//       "description": "The standard list page token.",
 	//       "location": "query",
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}/locations",
 	//   "response": {
 	//     "$ref": "ListLocationsResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // Pages invokes f for each page of results.
 // A non-nil error returned from f will halt the iteration.
 // The provided context supersedes any context provided to the Context method.
 func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error {
 	c.ctx_ = ctx
 	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
 	for {
 		x, err := c.Do()
 		if err != nil {
 			return err
 		}
 		if err := f(x); err != nil {
 			return err
 		}
 		if x.NextPageToken == "" {
 			return nil
 		}
 		c.PageToken(x.NextPageToken)
 	}
 }

 // method id "privateca.projects.locations.certificateAuthorities.activate":

 type ProjectsLocationsCertificateAuthoritiesActivateCall struct {
 	s                                   *Service
 	name                                string
 	activatecertificateauthorityrequest *ActivateCertificateAuthorityRequest
 	urlParams_                          gensupport.URLParams
 	ctx_                                context.Context
 	header_                             http.Header
 }

 // Activate: Activate a CertificateAuthority that is in state
 // PENDING_ACTIVATION and is of type SUBORDINATE. After the parent
 // Certificate Authority signs a certificate signing request from
 // FetchCertificateAuthorityCsr, this method can complete the activation
 // process.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Activate(name string, activatecertificateauthorityrequest *ActivateCertificateAuthorityRequest) *ProjectsLocationsCertificateAuthoritiesActivateCall {
 	c := &ProjectsLocationsCertificateAuthoritiesActivateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.activatecertificateauthorityrequest = activatecertificateauthorityrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesActivateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesActivateCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesActivateCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesActivateCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesActivateCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesActivateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.activatecertificateauthorityrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:activate")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.activate" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesActivateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Activate a CertificateAuthority that is in state PENDING_ACTIVATION and is of type SUBORDINATE. After the parent Certificate Authority signs a certificate signing request from FetchCertificateAuthorityCsr, this method can complete the activation process.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:activate",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.activate",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:activate",
 	//   "request": {
 	//     "$ref": "ActivateCertificateAuthorityRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.create":

 type ProjectsLocationsCertificateAuthoritiesCreateCall struct {
 	s                    *Service
 	parent               string
 	certificateauthority *CertificateAuthority
 	urlParams_           gensupport.URLParams
 	ctx_                 context.Context
 	header_              http.Header
 }

 // Create: Create a new CertificateAuthority in a given Project and
 // Location.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Create(parent string, certificateauthority *CertificateAuthority) *ProjectsLocationsCertificateAuthoritiesCreateCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.parent = parent
 	c.certificateauthority = certificateauthority
 	return c
 }

 // CertificateAuthorityId sets the optional parameter
 // "certificateAuthorityId": Required. It must be unique within a
 // location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
 func (c *ProjectsLocationsCertificateAuthoritiesCreateCall) CertificateAuthorityId(certificateAuthorityId string) *ProjectsLocationsCertificateAuthoritiesCreateCall {
 	c.urlParams_.Set("certificateAuthorityId", certificateAuthorityId)
 	return c
 }

 // RequestId sets the optional parameter "requestId": An ID to identify
 // requests. Specify a unique request ID so that if you must retry your
 // request, the server will know to ignore the request if it has already
 // been completed. The server will guarantee that for at least 60
 // minutes since the first request. For example, consider a situation
 // where you make an initial request and t he request times out. If you
 // make the request again with the same request ID, the server can check
 // if original operation with the same request ID was received, and if
 // so, will ignore the second request. This prevents clients from
 // accidentally creating duplicate commitments. The request ID must be a
 // valid UUID with the exception that zero UUID is not supported
 // (00000000-0000-0000-0000-000000000000).
 func (c *ProjectsLocationsCertificateAuthoritiesCreateCall) RequestId(requestId string) *ProjectsLocationsCertificateAuthoritiesCreateCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCreateCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCreateCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCreateCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCreateCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCreateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificateauthority)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/certificateAuthorities")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"parent": c.parent,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.create" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Create a new CertificateAuthority in a given Project and Location.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.create",
 	//   "parameterOrder": [
 	//     "parent"
 	//   ],
 	//   "parameters": {
 	//     "certificateAuthorityId": {
 	//       "description": "Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "parent": {
 	//       "description": "Required. The resource name of the location associated with the CertificateAuthorities, in the format `projects/*/locations/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     },
 	//     "requestId": {
 	//       "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
 	//       "location": "query",
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+parent}/certificateAuthorities",
 	//   "request": {
 	//     "$ref": "CertificateAuthority"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.disable":

 type ProjectsLocationsCertificateAuthoritiesDisableCall struct {
 	s                                  *Service
 	name                               string
 	disablecertificateauthorityrequest *DisableCertificateAuthorityRequest
 	urlParams_                         gensupport.URLParams
 	ctx_                               context.Context
 	header_                            http.Header
 }

 // Disable: Disable a CertificateAuthority.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Disable(name string, disablecertificateauthorityrequest *DisableCertificateAuthorityRequest) *ProjectsLocationsCertificateAuthoritiesDisableCall {
 	c := &ProjectsLocationsCertificateAuthoritiesDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.disablecertificateauthorityrequest = disablecertificateauthorityrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesDisableCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesDisableCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesDisableCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesDisableCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesDisableCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesDisableCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.disablecertificateauthorityrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:disable")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.disable" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesDisableCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Disable a CertificateAuthority.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:disable",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.disable",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:disable",
 	//   "request": {
 	//     "$ref": "DisableCertificateAuthorityRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.enable":

 type ProjectsLocationsCertificateAuthoritiesEnableCall struct {
 	s                                 *Service
 	name                              string
 	enablecertificateauthorityrequest *EnableCertificateAuthorityRequest
 	urlParams_                        gensupport.URLParams
 	ctx_                              context.Context
 	header_                           http.Header
 }

 // Enable: Enable a CertificateAuthority.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Enable(name string, enablecertificateauthorityrequest *EnableCertificateAuthorityRequest) *ProjectsLocationsCertificateAuthoritiesEnableCall {
 	c := &ProjectsLocationsCertificateAuthoritiesEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.enablecertificateauthorityrequest = enablecertificateauthorityrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesEnableCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesEnableCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesEnableCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesEnableCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesEnableCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesEnableCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.enablecertificateauthorityrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:enable")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.enable" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesEnableCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Enable a CertificateAuthority.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:enable",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.enable",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:enable",
 	//   "request": {
 	//     "$ref": "EnableCertificateAuthorityRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.fetch":

 type ProjectsLocationsCertificateAuthoritiesFetchCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // Fetch: Fetch a certificate signing request (CSR) from a
 // CertificateAuthority that is in state PENDING_ACTIVATION and is of
 // type SUBORDINATE. The CSR must then be signed by the desired parent
 // Certificate Authority, which could be another CertificateAuthority
 // resource, or could be an on-prem certificate authority. See also
 // ActivateCertificateAuthority.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Fetch(name string) *ProjectsLocationsCertificateAuthoritiesFetchCall {
 	c := &ProjectsLocationsCertificateAuthoritiesFetchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesFetchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesFetchCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesFetchCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesFetchCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesFetchCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesFetchCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesFetchCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesFetchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:fetch")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.fetch" call.
 // Exactly one of *FetchCertificateAuthorityCsrResponse or error will be
 // non-nil. Any non-2xx status code is an error. Response headers are in
 // either *FetchCertificateAuthorityCsrResponse.ServerResponse.Header or
 // (if a response was returned at all) in
 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 // whether the returned error was because http.StatusNotModified was
 // returned.
 func (c *ProjectsLocationsCertificateAuthoritiesFetchCall) Do(opts ...googleapi.CallOption) (*FetchCertificateAuthorityCsrResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &FetchCertificateAuthorityCsrResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Fetch a certificate signing request (CSR) from a CertificateAuthority that is in state PENDING_ACTIVATION and is of type SUBORDINATE. The CSR must then be signed by the desired parent Certificate Authority, which could be another CertificateAuthority resource, or could be an on-prem certificate authority. See also ActivateCertificateAuthority.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:fetch",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.fetch",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:fetch",
 	//   "response": {
 	//     "$ref": "FetchCertificateAuthorityCsrResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.get":

 type ProjectsLocationsCertificateAuthoritiesGetCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // Get: Returns a CertificateAuthority.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Get(name string) *ProjectsLocationsCertificateAuthoritiesGetCall {
 	c := &ProjectsLocationsCertificateAuthoritiesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesGetCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesGetCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesGetCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesGetCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesGetCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.get" call.
 // Exactly one of *CertificateAuthority or error will be non-nil. Any
 // non-2xx status code is an error. Response headers are in either
 // *CertificateAuthority.ServerResponse.Header or (if a response was
 // returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesGetCall) Do(opts ...googleapi.CallOption) (*CertificateAuthority, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &CertificateAuthority{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Returns a CertificateAuthority.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.get",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The name of the CertificateAuthority to get.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "response": {
 	//     "$ref": "CertificateAuthority"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.getIamPolicy":

 type ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall struct {
 	s            *Service
 	resource     string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // GetIamPolicy: Gets the access control policy for a resource. Returns
 // an empty policy if the resource exists and does not have a policy
 // set.
 func (r *ProjectsLocationsCertificateAuthoritiesService) GetIamPolicy(resource string) *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall {
 	c := &ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	return c
 }

 // OptionsRequestedPolicyVersion sets the optional parameter
 // "options.requestedPolicyVersion": The policy format version to be
 // returned. Valid values are 0, 1, and 3. Requests specifying an
 // invalid value will be rejected. Requests for policies with any
 // conditional bindings must specify version 3. Policies without any
 // conditional bindings may specify any valid value or leave the field
 // unset. To learn which resources support conditions in their IAM
 // policies, see the IAM documentation
 // (https://cloud.google.com/iam/help/conditions/resource-policies).
 func (c *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall {
 	c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion))
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:getIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.getIamPolicy" call.
 // Exactly one of *Policy or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Policy.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:getIamPolicy",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.getIamPolicy",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "options.requestedPolicyVersion": {
 	//       "description": "Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:getIamPolicy",
 	//   "response": {
 	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.list":

 type ProjectsLocationsCertificateAuthoritiesListCall struct {
 	s            *Service
 	parent       string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // List: Lists CertificateAuthorities.
 func (r *ProjectsLocationsCertificateAuthoritiesService) List(parent string) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c := &ProjectsLocationsCertificateAuthoritiesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.parent = parent
 	return c
 }

 // Filter sets the optional parameter "filter": Only include resources
 // that match the filter in the response.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) Filter(filter string) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c.urlParams_.Set("filter", filter)
 	return c
 }

 // OrderBy sets the optional parameter "orderBy": Specify how the
 // results should be sorted.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) OrderBy(orderBy string) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c.urlParams_.Set("orderBy", orderBy)
 	return c
 }

 // PageSize sets the optional parameter "pageSize": Limit on the number
 // of CertificateAuthorities to include in the response. Further
 // CertificateAuthorities can subsequently be obtained by including the
 // ListCertificateAuthoritiesResponse.next_page_token in a subsequent
 // request. If unspecified, the server will pick an appropriate default.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) PageSize(pageSize int64) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 	return c
 }

 // PageToken sets the optional parameter "pageToken": Pagination token,
 // returned earlier via
 // ListCertificateAuthoritiesResponse.next_page_token.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) PageToken(pageToken string) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c.urlParams_.Set("pageToken", pageToken)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesListCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/certificateAuthorities")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"parent": c.parent,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.list" call.
 // Exactly one of *ListCertificateAuthoritiesResponse or error will be
 // non-nil. Any non-2xx status code is an error. Response headers are in
 // either *ListCertificateAuthoritiesResponse.ServerResponse.Header or
 // (if a response was returned at all) in
 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 // whether the returned error was because http.StatusNotModified was
 // returned.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) Do(opts ...googleapi.CallOption) (*ListCertificateAuthoritiesResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &ListCertificateAuthoritiesResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Lists CertificateAuthorities.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.list",
 	//   "parameterOrder": [
 	//     "parent"
 	//   ],
 	//   "parameters": {
 	//     "filter": {
 	//       "description": "Optional. Only include resources that match the filter in the response.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "orderBy": {
 	//       "description": "Optional. Specify how the results should be sorted.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "pageSize": {
 	//       "description": "Optional. Limit on the number of CertificateAuthorities to include in the response. Further CertificateAuthorities can subsequently be obtained by including the ListCertificateAuthoritiesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "pageToken": {
 	//       "description": "Optional. Pagination token, returned earlier via ListCertificateAuthoritiesResponse.next_page_token.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "parent": {
 	//       "description": "Required. The resource name of the location associated with the CertificateAuthorities, in the format `projects/*/locations/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+parent}/certificateAuthorities",
 	//   "response": {
 	//     "$ref": "ListCertificateAuthoritiesResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // Pages invokes f for each page of results.
 // A non-nil error returned from f will halt the iteration.
 // The provided context supersedes any context provided to the Context method.
 func (c *ProjectsLocationsCertificateAuthoritiesListCall) Pages(ctx context.Context, f func(*ListCertificateAuthoritiesResponse) error) error {
 	c.ctx_ = ctx
 	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
 	for {
 		x, err := c.Do()
 		if err != nil {
 			return err
 		}
 		if err := f(x); err != nil {
 			return err
 		}
 		if x.NextPageToken == "" {
 			return nil
 		}
 		c.PageToken(x.NextPageToken)
 	}
 }

 // method id "privateca.projects.locations.certificateAuthorities.patch":

 type ProjectsLocationsCertificateAuthoritiesPatchCall struct {
 	s                    *Service
 	name                 string
 	certificateauthority *CertificateAuthority
 	urlParams_           gensupport.URLParams
 	ctx_                 context.Context
 	header_              http.Header
 }

 // Patch: Update a CertificateAuthority.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Patch(name string, certificateauthority *CertificateAuthority) *ProjectsLocationsCertificateAuthoritiesPatchCall {
 	c := &ProjectsLocationsCertificateAuthoritiesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.certificateauthority = certificateauthority
 	return c
 }

 // RequestId sets the optional parameter "requestId": An ID to identify
 // requests. Specify a unique request ID so that if you must retry your
 // request, the server will know to ignore the request if it has already
 // been completed. The server will guarantee that for at least 60
 // minutes since the first request. For example, consider a situation
 // where you make an initial request and t he request times out. If you
 // make the request again with the same request ID, the server can check
 // if original operation with the same request ID was received, and if
 // so, will ignore the second request. This prevents clients from
 // accidentally creating duplicate commitments. The request ID must be a
 // valid UUID with the exception that zero UUID is not supported
 // (00000000-0000-0000-0000-000000000000).
 func (c *ProjectsLocationsCertificateAuthoritiesPatchCall) RequestId(requestId string) *ProjectsLocationsCertificateAuthoritiesPatchCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }

 // UpdateMask sets the optional parameter "updateMask": Required. A list
 // of fields to be updated in this request.
 func (c *ProjectsLocationsCertificateAuthoritiesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCertificateAuthoritiesPatchCall {
 	c.urlParams_.Set("updateMask", updateMask)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesPatchCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesPatchCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesPatchCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesPatchCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificateauthority)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("PATCH", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.patch" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Update a CertificateAuthority.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}",
 	//   "httpMethod": "PATCH",
 	//   "id": "privateca.projects.locations.certificateAuthorities.patch",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     },
 	//     "requestId": {
 	//       "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "updateMask": {
 	//       "description": "Required. A list of fields to be updated in this request.",
 	//       "format": "google-fieldmask",
 	//       "location": "query",
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "request": {
 	//     "$ref": "CertificateAuthority"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.restore":

 type ProjectsLocationsCertificateAuthoritiesRestoreCall struct {
 	s                                  *Service
 	name                               string
 	restorecertificateauthorityrequest *RestoreCertificateAuthorityRequest
 	urlParams_                         gensupport.URLParams
 	ctx_                               context.Context
 	header_                            http.Header
 }

 // Restore: Restore a CertificateAuthority that is scheduled for
 // deletion.
 func (r *ProjectsLocationsCertificateAuthoritiesService) Restore(name string, restorecertificateauthorityrequest *RestoreCertificateAuthorityRequest) *ProjectsLocationsCertificateAuthoritiesRestoreCall {
 	c := &ProjectsLocationsCertificateAuthoritiesRestoreCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.restorecertificateauthorityrequest = restorecertificateauthorityrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesRestoreCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesRestoreCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesRestoreCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesRestoreCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesRestoreCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesRestoreCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.restorecertificateauthorityrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:restore")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.restore" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesRestoreCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Restore a CertificateAuthority that is scheduled for deletion.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:restore",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.restore",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:restore",
 	//   "request": {
 	//     "$ref": "RestoreCertificateAuthorityRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.scheduleDelete":

 type ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall struct {
 	s                                         *Service
 	name                                      string
 	scheduledeletecertificateauthorityrequest *ScheduleDeleteCertificateAuthorityRequest
 	urlParams_                                gensupport.URLParams
 	ctx_                                      context.Context
 	header_                                   http.Header
 }

 // ScheduleDelete: Schedule a CertificateAuthority for deletion.
 func (r *ProjectsLocationsCertificateAuthoritiesService) ScheduleDelete(name string, scheduledeletecertificateauthorityrequest *ScheduleDeleteCertificateAuthorityRequest) *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall {
 	c := &ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.scheduledeletecertificateauthorityrequest = scheduledeletecertificateauthorityrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.scheduledeletecertificateauthorityrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:scheduleDelete")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.scheduleDelete" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesScheduleDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Schedule a CertificateAuthority for deletion.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:scheduleDelete",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.scheduleDelete",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:scheduleDelete",
 	//   "request": {
 	//     "$ref": "ScheduleDeleteCertificateAuthorityRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.setIamPolicy":

 type ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall struct {
 	s                   *Service
 	resource            string
 	setiampolicyrequest *SetIamPolicyRequest
 	urlParams_          gensupport.URLParams
 	ctx_                context.Context
 	header_             http.Header
 }

 // SetIamPolicy: Sets the access control policy on the specified
 // resource. Replaces any existing policy. Can return `NOT_FOUND`,
 // `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
 func (r *ProjectsLocationsCertificateAuthoritiesService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall {
 	c := &ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	c.setiampolicyrequest = setiampolicyrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:setIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.setIamPolicy" call.
 // Exactly one of *Policy or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Policy.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:setIamPolicy",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.setIamPolicy",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:setIamPolicy",
 	//   "request": {
 	//     "$ref": "SetIamPolicyRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.testIamPermissions":

 type ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall struct {
 	s                         *Service
 	resource                  string
 	testiampermissionsrequest *TestIamPermissionsRequest
 	urlParams_                gensupport.URLParams
 	ctx_                      context.Context
 	header_                   http.Header
 }

 // TestIamPermissions: Returns permissions that a caller has on the
 // specified resource. If the resource does not exist, this will return
 // an empty set of permissions, not a `NOT_FOUND` error. Note: This
 // operation is designed to be used for building permission-aware UIs
 // and command-line tools, not for authorization checking. This
 // operation may "fail open" without warning.
 func (r *ProjectsLocationsCertificateAuthoritiesService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall {
 	c := &ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	c.testiampermissionsrequest = testiampermissionsrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:testIamPermissions")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.testIamPermissions" call.
 // Exactly one of *TestIamPermissionsResponse or error will be non-nil.
 // Any non-2xx status code is an error. Response headers are in either
 // *TestIamPermissionsResponse.ServerResponse.Header or (if a response
 // was returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &TestIamPermissionsResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}:testIamPermissions",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.testIamPermissions",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:testIamPermissions",
 	//   "request": {
 	//     "$ref": "TestIamPermissionsRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "TestIamPermissionsResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.get":

 type ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // Get: Returns a CertificateRevocationList.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService) Get(name string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.get" call.
 // Exactly one of *CertificateRevocationList or error will be non-nil.
 // Any non-2xx status code is an error. Response headers are in either
 // *CertificateRevocationList.ServerResponse.Header or (if a response
 // was returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetCall) Do(opts ...googleapi.CallOption) (*CertificateRevocationList, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &CertificateRevocationList{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Returns a CertificateRevocationList.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.get",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The name of the CertificateRevocationList to get.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificateRevocationLists/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "response": {
 	//     "$ref": "CertificateRevocationList"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.getIamPolicy":

 type ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall struct {
 	s            *Service
 	resource     string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // GetIamPolicy: Gets the access control policy for a resource. Returns
 // an empty policy if the resource exists and does not have a policy
 // set.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService) GetIamPolicy(resource string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	return c
 }

 // OptionsRequestedPolicyVersion sets the optional parameter
 // "options.requestedPolicyVersion": The policy format version to be
 // returned. Valid values are 0, 1, and 3. Requests specifying an
 // invalid value will be rejected. Requests for policies with any
 // conditional bindings must specify version 3. Policies without any
 // conditional bindings may specify any valid value or leave the field
 // unset. To learn which resources support conditions in their IAM
 // policies, see the IAM documentation
 // (https://cloud.google.com/iam/help/conditions/resource-policies).
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
 	c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion))
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:getIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.getIamPolicy" call.
 // Exactly one of *Policy or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Policy.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:getIamPolicy",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.getIamPolicy",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "options.requestedPolicyVersion": {
 	//       "description": "Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificateRevocationLists/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:getIamPolicy",
 	//   "response": {
 	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.list":

 type ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall struct {
 	s            *Service
 	parent       string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // List: Lists CertificateRevocationLists.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService) List(parent string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.parent = parent
 	return c
 }

 // Filter sets the optional parameter "filter": Only include resources
 // that match the filter in the response.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) Filter(filter string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c.urlParams_.Set("filter", filter)
 	return c
 }

 // OrderBy sets the optional parameter "orderBy": Specify how the
 // results should be sorted.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) OrderBy(orderBy string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c.urlParams_.Set("orderBy", orderBy)
 	return c
 }

 // PageSize sets the optional parameter "pageSize": Limit on the number
 // of CertificateRevocationLists to include in the response. Further
 // CertificateRevocationLists can subsequently be obtained by including
 // the ListCertificateRevocationListsResponse.next_page_token in a
 // subsequent request. If unspecified, the server will pick an
 // appropriate default.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) PageSize(pageSize int64) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 	return c
 }

 // PageToken sets the optional parameter "pageToken": Pagination token,
 // returned earlier via
 // ListCertificateRevocationListsResponse.next_page_token.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) PageToken(pageToken string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c.urlParams_.Set("pageToken", pageToken)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/certificateRevocationLists")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"parent": c.parent,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.list" call.
 // Exactly one of *ListCertificateRevocationListsResponse or error will
 // be non-nil. Any non-2xx status code is an error. Response headers are
 // in either
 // *ListCertificateRevocationListsResponse.ServerResponse.Header or (if
 // a response was returned at all) in error.(*googleapi.Error).Header.
 // Use googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) Do(opts ...googleapi.CallOption) (*ListCertificateRevocationListsResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &ListCertificateRevocationListsResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Lists CertificateRevocationLists.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.list",
 	//   "parameterOrder": [
 	//     "parent"
 	//   ],
 	//   "parameters": {
 	//     "filter": {
 	//       "description": "Optional. Only include resources that match the filter in the response.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "orderBy": {
 	//       "description": "Optional. Specify how the results should be sorted.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "pageSize": {
 	//       "description": "Optional. Limit on the number of CertificateRevocationLists to include in the response. Further CertificateRevocationLists can subsequently be obtained by including the ListCertificateRevocationListsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "pageToken": {
 	//       "description": "Optional. Pagination token, returned earlier via ListCertificateRevocationListsResponse.next_page_token.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "parent": {
 	//       "description": "Required. The resource name of the location associated with the CertificateRevocationLists, in the format `projects/*/locations/*/certificateauthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+parent}/certificateRevocationLists",
 	//   "response": {
 	//     "$ref": "ListCertificateRevocationListsResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // Pages invokes f for each page of results.
 // A non-nil error returned from f will halt the iteration.
 // The provided context supersedes any context provided to the Context method.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsListCall) Pages(ctx context.Context, f func(*ListCertificateRevocationListsResponse) error) error {
 	c.ctx_ = ctx
 	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
 	for {
 		x, err := c.Do()
 		if err != nil {
 			return err
 		}
 		if err := f(x); err != nil {
 			return err
 		}
 		if x.NextPageToken == "" {
 			return nil
 		}
 		c.PageToken(x.NextPageToken)
 	}
 }

 // method id "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.patch":

 type ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall struct {
 	s                         *Service
 	name                      string
 	certificaterevocationlist *CertificateRevocationList
 	urlParams_                gensupport.URLParams
 	ctx_                      context.Context
 	header_                   http.Header
 }

 // Patch: Update a CertificateRevocationList.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService) Patch(name string, certificaterevocationlist *CertificateRevocationList) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.certificaterevocationlist = certificaterevocationlist
 	return c
 }

 // RequestId sets the optional parameter "requestId": An ID to identify
 // requests. Specify a unique request ID so that if you must retry your
 // request, the server will know to ignore the request if it has already
 // been completed. The server will guarantee that for at least 60
 // minutes since the first request. For example, consider a situation
 // where you make an initial request and t he request times out. If you
 // make the request again with the same request ID, the server can check
 // if original operation with the same request ID was received, and if
 // so, will ignore the second request. This prevents clients from
 // accidentally creating duplicate commitments. The request ID must be a
 // valid UUID with the exception that zero UUID is not supported
 // (00000000-0000-0000-0000-000000000000).
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall) RequestId(requestId string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }

 // UpdateMask sets the optional parameter "updateMask": Required. A list
 // of fields to be updated in this request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall {
 	c.urlParams_.Set("updateMask", updateMask)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificaterevocationlist)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("PATCH", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.patch" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Update a CertificateRevocationList.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}",
 	//   "httpMethod": "PATCH",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.patch",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Output only. The resource path for this CertificateRevocationList in the format `projects/*/locations/*/certificateAuthorities/*/ certificateRevocationLists/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificateRevocationLists/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     },
 	//     "requestId": {
 	//       "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "updateMask": {
 	//       "description": "Required. A list of fields to be updated in this request.",
 	//       "format": "google-fieldmask",
 	//       "location": "query",
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "request": {
 	//     "$ref": "CertificateRevocationList"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.setIamPolicy":

 type ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall struct {
 	s                   *Service
 	resource            string
 	setiampolicyrequest *SetIamPolicyRequest
 	urlParams_          gensupport.URLParams
 	ctx_                context.Context
 	header_             http.Header
 }

 // SetIamPolicy: Sets the access control policy on the specified
 // resource. Replaces any existing policy. Can return `NOT_FOUND`,
 // `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	c.setiampolicyrequest = setiampolicyrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:setIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.setIamPolicy" call.
 // Exactly one of *Policy or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Policy.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:setIamPolicy",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.setIamPolicy",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificateRevocationLists/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:setIamPolicy",
 	//   "request": {
 	//     "$ref": "SetIamPolicyRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.testIamPermissions":

 type ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall struct {
 	s                         *Service
 	resource                  string
 	testiampermissionsrequest *TestIamPermissionsRequest
 	urlParams_                gensupport.URLParams
 	ctx_                      context.Context
 	header_                   http.Header
 }

 // TestIamPermissions: Returns permissions that a caller has on the
 // specified resource. If the resource does not exist, this will return
 // an empty set of permissions, not a `NOT_FOUND` error. Note: This
 // operation is designed to be used for building permission-aware UIs
 // and command-line tools, not for authorization checking. This
 // operation may "fail open" without warning.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	c.testiampermissionsrequest = testiampermissionsrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:testIamPermissions")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.testIamPermissions" call.
 // Exactly one of *TestIamPermissionsResponse or error will be non-nil.
 // Any non-2xx status code is an error. Response headers are in either
 // *TestIamPermissionsResponse.ServerResponse.Header or (if a response
 // was returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &TestIamPermissionsResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:testIamPermissions",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificateRevocationLists.testIamPermissions",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificateRevocationLists/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:testIamPermissions",
 	//   "request": {
 	//     "$ref": "TestIamPermissionsRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "TestIamPermissionsResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificates.create":

 type ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall struct {
 	s           *Service
 	parent      string
 	certificate *Certificate
 	urlParams_  gensupport.URLParams
 	ctx_        context.Context
 	header_     http.Header
 }

 // Create: Create a new Certificate in a given Project, Location from a
 // particular CertificateAuthority.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificatesService) Create(parent string, certificate *Certificate) *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.parent = parent
 	c.certificate = certificate
 	return c
 }

 // CertificateId sets the optional parameter "certificateId": It must be
 // unique within a location and match the regular expression
 // `[a-zA-Z0-9_-]{1,63}`. This field is required when using a
 // CertificateAuthority in the Enterprise CertificateAuthority.Tier, but
 // is optional and its value is ignored otherwise.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall) CertificateId(certificateId string) *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall {
 	c.urlParams_.Set("certificateId", certificateId)
 	return c
 }

 // RequestId sets the optional parameter "requestId": An ID to identify
 // requests. Specify a unique request ID so that if you must retry your
 // request, the server will know to ignore the request if it has already
 // been completed. The server will guarantee that for at least 60
 // minutes since the first request. For example, consider a situation
 // where you make an initial request and t he request times out. If you
 // make the request again with the same request ID, the server can check
 // if original operation with the same request ID was received, and if
 // so, will ignore the second request. This prevents clients from
 // accidentally creating duplicate commitments. The request ID must be a
 // valid UUID with the exception that zero UUID is not supported
 // (00000000-0000-0000-0000-000000000000).
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall) RequestId(requestId string) *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificate)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/certificates")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"parent": c.parent,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificates.create" call.
 // Exactly one of *Certificate or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Certificate.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesCreateCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Certificate{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Create a new Certificate in a given Project, Location from a particular CertificateAuthority.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificates",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificates.create",
 	//   "parameterOrder": [
 	//     "parent"
 	//   ],
 	//   "parameters": {
 	//     "certificateId": {
 	//       "description": "Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "parent": {
 	//       "description": "Required. The resource name of the location and CertificateAuthority associated with the Certificate, in the format `projects/*/locations/*/certificateAuthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     },
 	//     "requestId": {
 	//       "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
 	//       "location": "query",
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+parent}/certificates",
 	//   "request": {
 	//     "$ref": "Certificate"
 	//   },
 	//   "response": {
 	//     "$ref": "Certificate"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificates.get":

 type ProjectsLocationsCertificateAuthoritiesCertificatesGetCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // Get: Returns a Certificate.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificatesService) Get(name string) *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificatesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificates.get" call.
 // Exactly one of *Certificate or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Certificate.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesGetCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Certificate{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Returns a Certificate.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificates/{certificatesId}",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificates.get",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The name of the Certificate to get.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificates/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "response": {
 	//     "$ref": "Certificate"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificates.list":

 type ProjectsLocationsCertificateAuthoritiesCertificatesListCall struct {
 	s            *Service
 	parent       string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // List: Lists Certificates.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificatesService) List(parent string) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificatesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.parent = parent
 	return c
 }

 // Filter sets the optional parameter "filter": Only include resources
 // that match the filter in the response. For details on supported
 // filters and syntax, see Certificates Filtering documentation
 // (https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support).
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) Filter(filter string) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c.urlParams_.Set("filter", filter)
 	return c
 }

 // OrderBy sets the optional parameter "orderBy": Specify how the
 // results should be sorted. For details on supported fields and syntax,
 // see Certificates Sorting documentation
 // (https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support).
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) OrderBy(orderBy string) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c.urlParams_.Set("orderBy", orderBy)
 	return c
 }

 // PageSize sets the optional parameter "pageSize": Limit on the number
 // of Certificates to include in the response. Further Certificates can
 // subsequently be obtained by including the
 // ListCertificatesResponse.next_page_token in a subsequent request. If
 // unspecified, the server will pick an appropriate default.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) PageSize(pageSize int64) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 	return c
 }

 // PageToken sets the optional parameter "pageToken": Pagination token,
 // returned earlier via ListCertificatesResponse.next_page_token.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) PageToken(pageToken string) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c.urlParams_.Set("pageToken", pageToken)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificatesListCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/certificates")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"parent": c.parent,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificates.list" call.
 // Exactly one of *ListCertificatesResponse or error will be non-nil.
 // Any non-2xx status code is an error. Response headers are in either
 // *ListCertificatesResponse.ServerResponse.Header or (if a response was
 // returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) Do(opts ...googleapi.CallOption) (*ListCertificatesResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &ListCertificatesResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Lists Certificates.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificates",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificates.list",
 	//   "parameterOrder": [
 	//     "parent"
 	//   ],
 	//   "parameters": {
 	//     "filter": {
 	//       "description": "Optional. Only include resources that match the filter in the response. For details on supported filters and syntax, see [Certificates Filtering documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support).",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "orderBy": {
 	//       "description": "Optional. Specify how the results should be sorted. For details on supported fields and syntax, see [Certificates Sorting documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support).",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "pageSize": {
 	//       "description": "Optional. Limit on the number of Certificates to include in the response. Further Certificates can subsequently be obtained by including the ListCertificatesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "pageToken": {
 	//       "description": "Optional. Pagination token, returned earlier via ListCertificatesResponse.next_page_token.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "parent": {
 	//       "description": "Required. The resource name of the location associated with the Certificates, in the format `projects/*/locations/*/certificateauthorities/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+parent}/certificates",
 	//   "response": {
 	//     "$ref": "ListCertificatesResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // Pages invokes f for each page of results.
 // A non-nil error returned from f will halt the iteration.
 // The provided context supersedes any context provided to the Context method.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesListCall) Pages(ctx context.Context, f func(*ListCertificatesResponse) error) error {
 	c.ctx_ = ctx
 	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
 	for {
 		x, err := c.Do()
 		if err != nil {
 			return err
 		}
 		if err := f(x); err != nil {
 			return err
 		}
 		if x.NextPageToken == "" {
 			return nil
 		}
 		c.PageToken(x.NextPageToken)
 	}
 }

 // method id "privateca.projects.locations.certificateAuthorities.certificates.patch":

 type ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall struct {
 	s           *Service
 	name        string
 	certificate *Certificate
 	urlParams_  gensupport.URLParams
 	ctx_        context.Context
 	header_     http.Header
 }

 // Patch: Update a Certificate. Currently, the only field you can update
 // is the labels field.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificatesService) Patch(name string, certificate *Certificate) *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.certificate = certificate
 	return c
 }

 // RequestId sets the optional parameter "requestId": An ID to identify
 // requests. Specify a unique request ID so that if you must retry your
 // request, the server will know to ignore the request if it has already
 // been completed. The server will guarantee that for at least 60
 // minutes since the first request. For example, consider a situation
 // where you make an initial request and t he request times out. If you
 // make the request again with the same request ID, the server can check
 // if original operation with the same request ID was received, and if
 // so, will ignore the second request. This prevents clients from
 // accidentally creating duplicate commitments. The request ID must be a
 // valid UUID with the exception that zero UUID is not supported
 // (00000000-0000-0000-0000-000000000000).
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall) RequestId(requestId string) *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }

 // UpdateMask sets the optional parameter "updateMask": Required. A list
 // of fields to be updated in this request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall {
 	c.urlParams_.Set("updateMask", updateMask)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificate)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("PATCH", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificates.patch" call.
 // Exactly one of *Certificate or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Certificate.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesPatchCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Certificate{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Update a Certificate. Currently, the only field you can update is the labels field.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificates/{certificatesId}",
 	//   "httpMethod": "PATCH",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificates.patch",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Output only. The resource path for this Certificate in the format `projects/*/locations/*/certificateAuthorities/*/certificates/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificates/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     },
 	//     "requestId": {
 	//       "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "updateMask": {
 	//       "description": "Required. A list of fields to be updated in this request.",
 	//       "format": "google-fieldmask",
 	//       "location": "query",
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "request": {
 	//     "$ref": "Certificate"
 	//   },
 	//   "response": {
 	//     "$ref": "Certificate"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.certificateAuthorities.certificates.revoke":

 type ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall struct {
 	s                        *Service
 	name                     string
 	revokecertificaterequest *RevokeCertificateRequest
 	urlParams_               gensupport.URLParams
 	ctx_                     context.Context
 	header_                  http.Header
 }

 // Revoke: Revoke a Certificate.
 func (r *ProjectsLocationsCertificateAuthoritiesCertificatesService) Revoke(name string, revokecertificaterequest *RevokeCertificateRequest) *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall {
 	c := &ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.revokecertificaterequest = revokecertificaterequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall) Context(ctx context.Context) *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.revokecertificaterequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:revoke")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.certificateAuthorities.certificates.revoke" call.
 // Exactly one of *Certificate or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Certificate.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsCertificateAuthoritiesCertificatesRevokeCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Certificate{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Revoke a Certificate.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/certificateAuthorities/{certificateAuthoritiesId}/certificates/{certificatesId}:revoke",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.certificateAuthorities.certificates.revoke",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The resource name for this Certificate in the format `projects/*/locations/*/certificateAuthorities/*/certificates/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/certificateAuthorities/[^/]+/certificates/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:revoke",
 	//   "request": {
 	//     "$ref": "RevokeCertificateRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Certificate"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.operations.cancel":

 type ProjectsLocationsOperationsCancelCall struct {
 	s                      *Service
 	name                   string
 	canceloperationrequest *CancelOperationRequest
 	urlParams_             gensupport.URLParams
 	ctx_                   context.Context
 	header_                http.Header
 }

 // Cancel: Starts asynchronous cancellation on a long-running operation.
 // The server makes a best effort to cancel the operation, but success
 // is not guaranteed. If the server doesn't support this method, it
 // returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use
 // Operations.GetOperation or other methods to check whether the
 // cancellation succeeded or whether the operation completed despite
 // cancellation. On successful cancellation, the operation is not
 // deleted; instead, it becomes an operation with an Operation.error
 // value with a google.rpc.Status.code of 1, corresponding to
 // `Code.CANCELLED`.
 func (r *ProjectsLocationsOperationsService) Cancel(name string, canceloperationrequest *CancelOperationRequest) *ProjectsLocationsOperationsCancelCall {
 	c := &ProjectsLocationsOperationsCancelCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	c.canceloperationrequest = canceloperationrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsOperationsCancelCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsCancelCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsOperationsCancelCall) Context(ctx context.Context) *ProjectsLocationsOperationsCancelCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsOperationsCancelCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsOperationsCancelCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.canceloperationrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}:cancel")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.operations.cancel" call.
 // Exactly one of *Empty or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Empty.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsOperationsCancelCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Empty{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.operations.cancel",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "The name of the operation resource to be cancelled.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}:cancel",
 	//   "request": {
 	//     "$ref": "CancelOperationRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Empty"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.operations.delete":

 type ProjectsLocationsOperationsDeleteCall struct {
 	s          *Service
 	name       string
 	urlParams_ gensupport.URLParams
 	ctx_       context.Context
 	header_    http.Header
 }

 // Delete: Deletes a long-running operation. This method indicates that
 // the client is no longer interested in the operation result. It does
 // not cancel the operation. If the server doesn't support this method,
 // it returns `google.rpc.Code.UNIMPLEMENTED`.
 func (r *ProjectsLocationsOperationsService) Delete(name string) *ProjectsLocationsOperationsDeleteCall {
 	c := &ProjectsLocationsOperationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsOperationsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsDeleteCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsOperationsDeleteCall) Context(ctx context.Context) *ProjectsLocationsOperationsDeleteCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsOperationsDeleteCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsOperationsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("DELETE", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.operations.delete" call.
 // Exactly one of *Empty or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Empty.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsOperationsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Empty{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
 	//   "httpMethod": "DELETE",
 	//   "id": "privateca.projects.locations.operations.delete",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "The name of the operation resource to be deleted.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "response": {
 	//     "$ref": "Empty"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.operations.get":

 type ProjectsLocationsOperationsGetCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // Get: Gets the latest state of a long-running operation. Clients can
 // use this method to poll the operation result at intervals as
 // recommended by the API service.
 func (r *ProjectsLocationsOperationsService) Get(name string) *ProjectsLocationsOperationsGetCall {
 	c := &ProjectsLocationsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsGetCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsOperationsGetCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsOperationsGetCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsOperationsGetCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsOperationsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.operations.get" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsLocationsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Operation{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.operations.get",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "The name of the operation resource.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.operations.list":

 type ProjectsLocationsOperationsListCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // List: Lists operations that match the specified filter in the
 // request. If the server doesn't support this method, it returns
 // `UNIMPLEMENTED`. NOTE: the `name` binding allows API services to
 // override the binding to use different resource name schemes, such as
 // `users/*/operations`. To override the binding, API services can add a
 // binding such as "/v1/{name=users/*}/operations" to their service
 // configuration. For backwards compatibility, the default name includes
 // the operations collection id, however overriding users must ensure
 // the name binding is the parent resource, without the operations
 // collection id.
 func (r *ProjectsLocationsOperationsService) List(name string) *ProjectsLocationsOperationsListCall {
 	c := &ProjectsLocationsOperationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Filter sets the optional parameter "filter": The standard list
 // filter.
 func (c *ProjectsLocationsOperationsListCall) Filter(filter string) *ProjectsLocationsOperationsListCall {
 	c.urlParams_.Set("filter", filter)
 	return c
 }

 // PageSize sets the optional parameter "pageSize": The standard list
 // page size.
 func (c *ProjectsLocationsOperationsListCall) PageSize(pageSize int64) *ProjectsLocationsOperationsListCall {
 	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 	return c
 }

 // PageToken sets the optional parameter "pageToken": The standard list
 // page token.
 func (c *ProjectsLocationsOperationsListCall) PageToken(pageToken string) *ProjectsLocationsOperationsListCall {
 	c.urlParams_.Set("pageToken", pageToken)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsOperationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsListCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsOperationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsOperationsListCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsOperationsListCall) Context(ctx context.Context) *ProjectsLocationsOperationsListCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsOperationsListCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsOperationsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}/operations")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.operations.list" call.
 // Exactly one of *ListOperationsResponse or error will be non-nil. Any
 // non-2xx status code is an error. Response headers are in either
 // *ListOperationsResponse.ServerResponse.Header or (if a response was
 // returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsOperationsListCall) Do(opts ...googleapi.CallOption) (*ListOperationsResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &ListOperationsResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. NOTE: the `name` binding allows API services to override the binding to use different resource name schemes, such as `users/*/operations`. To override the binding, API services can add a binding such as `\"/v1/{name=users/*}/operations\"` to their service configuration. For backwards compatibility, the default name includes the operations collection id, however overriding users must ensure the name binding is the parent resource, without the operations collection id.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/operations",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.operations.list",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "filter": {
 	//       "description": "The standard list filter.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "name": {
 	//       "description": "The name of the operation's parent resource.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     },
 	//     "pageSize": {
 	//       "description": "The standard list page size.",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "pageToken": {
 	//       "description": "The standard list page token.",
 	//       "location": "query",
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}/operations",
 	//   "response": {
 	//     "$ref": "ListOperationsResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // Pages invokes f for each page of results.
 // A non-nil error returned from f will halt the iteration.
 // The provided context supersedes any context provided to the Context method.
 func (c *ProjectsLocationsOperationsListCall) Pages(ctx context.Context, f func(*ListOperationsResponse) error) error {
 	c.ctx_ = ctx
 	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
 	for {
 		x, err := c.Do()
 		if err != nil {
 			return err
 		}
 		if err := f(x); err != nil {
 			return err
 		}
 		if x.NextPageToken == "" {
 			return nil
 		}
 		c.PageToken(x.NextPageToken)
 	}
 }

 // method id "privateca.projects.locations.reusableConfigs.get":

 type ProjectsLocationsReusableConfigsGetCall struct {
 	s            *Service
 	name         string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // Get: Returns a ReusableConfig.
 func (r *ProjectsLocationsReusableConfigsService) Get(name string) *ProjectsLocationsReusableConfigsGetCall {
 	c := &ProjectsLocationsReusableConfigsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.name = name
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsReusableConfigsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsReusableConfigsGetCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsReusableConfigsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsReusableConfigsGetCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsReusableConfigsGetCall) Context(ctx context.Context) *ProjectsLocationsReusableConfigsGetCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsReusableConfigsGetCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsReusableConfigsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"name": c.name,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.reusableConfigs.get" call.
 // Exactly one of *ReusableConfig or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *ReusableConfig.ServerResponse.Header or (if a response was returned
 // at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsReusableConfigsGetCall) Do(opts ...googleapi.CallOption) (*ReusableConfig, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &ReusableConfig{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Returns a ReusableConfig.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/reusableConfigs/{reusableConfigsId}",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.reusableConfigs.get",
 	//   "parameterOrder": [
 	//     "name"
 	//   ],
 	//   "parameters": {
 	//     "name": {
 	//       "description": "Required. The name of the ReusableConfigs to get.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/reusableConfigs/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+name}",
 	//   "response": {
 	//     "$ref": "ReusableConfig"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.reusableConfigs.getIamPolicy":

 type ProjectsLocationsReusableConfigsGetIamPolicyCall struct {
 	s            *Service
 	resource     string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // GetIamPolicy: Gets the access control policy for a resource. Returns
 // an empty policy if the resource exists and does not have a policy
 // set.
 func (r *ProjectsLocationsReusableConfigsService) GetIamPolicy(resource string) *ProjectsLocationsReusableConfigsGetIamPolicyCall {
 	c := &ProjectsLocationsReusableConfigsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	return c
 }

 // OptionsRequestedPolicyVersion sets the optional parameter
 // "options.requestedPolicyVersion": The policy format version to be
 // returned. Valid values are 0, 1, and 3. Requests specifying an
 // invalid value will be rejected. Requests for policies with any
 // conditional bindings must specify version 3. Policies without any
 // conditional bindings may specify any valid value or leave the field
 // unset. To learn which resources support conditions in their IAM
 // policies, see the IAM documentation
 // (https://cloud.google.com/iam/help/conditions/resource-policies).
 func (c *ProjectsLocationsReusableConfigsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsReusableConfigsGetIamPolicyCall {
 	c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion))
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsReusableConfigsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsReusableConfigsGetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsReusableConfigsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsReusableConfigsGetIamPolicyCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsReusableConfigsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsReusableConfigsGetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsReusableConfigsGetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsReusableConfigsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:getIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.reusableConfigs.getIamPolicy" call.
 // Exactly one of *Policy or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Policy.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsReusableConfigsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/reusableConfigs/{reusableConfigsId}:getIamPolicy",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.reusableConfigs.getIamPolicy",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "options.requestedPolicyVersion": {
 	//       "description": "Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/reusableConfigs/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:getIamPolicy",
 	//   "response": {
 	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.reusableConfigs.list":

 type ProjectsLocationsReusableConfigsListCall struct {
 	s            *Service
 	parent       string
 	urlParams_   gensupport.URLParams
 	ifNoneMatch_ string
 	ctx_         context.Context
 	header_      http.Header
 }

 // List: Lists ReusableConfigs.
 func (r *ProjectsLocationsReusableConfigsService) List(parent string) *ProjectsLocationsReusableConfigsListCall {
 	c := &ProjectsLocationsReusableConfigsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.parent = parent
 	return c
 }

 // Filter sets the optional parameter "filter": Only include resources
 // that match the filter in the response.
 func (c *ProjectsLocationsReusableConfigsListCall) Filter(filter string) *ProjectsLocationsReusableConfigsListCall {
 	c.urlParams_.Set("filter", filter)
 	return c
 }

 // OrderBy sets the optional parameter "orderBy": Specify how the
 // results should be sorted.
 func (c *ProjectsLocationsReusableConfigsListCall) OrderBy(orderBy string) *ProjectsLocationsReusableConfigsListCall {
 	c.urlParams_.Set("orderBy", orderBy)
 	return c
 }

 // PageSize sets the optional parameter "pageSize": Limit on the number
 // of ReusableConfigs to include in the response. Further
 // ReusableConfigs can subsequently be obtained by including the
 // ListReusableConfigsResponse.next_page_token in a subsequent request.
 // If unspecified, the server will pick an appropriate default.
 func (c *ProjectsLocationsReusableConfigsListCall) PageSize(pageSize int64) *ProjectsLocationsReusableConfigsListCall {
 	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 	return c
 }

 // PageToken sets the optional parameter "pageToken": Pagination token,
 // returned earlier via ListReusableConfigsResponse.next_page_token.
 func (c *ProjectsLocationsReusableConfigsListCall) PageToken(pageToken string) *ProjectsLocationsReusableConfigsListCall {
 	c.urlParams_.Set("pageToken", pageToken)
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsReusableConfigsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsReusableConfigsListCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // IfNoneMatch sets the optional parameter which makes the operation
 // fail if the object's ETag matches the given value. This is useful for
 // getting updates only after the object has changed since the last
 // request. Use googleapi.IsNotModified to check whether the response
 // error from Do is the result of In-None-Match.
 func (c *ProjectsLocationsReusableConfigsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsReusableConfigsListCall {
 	c.ifNoneMatch_ = entityTag
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsReusableConfigsListCall) Context(ctx context.Context) *ProjectsLocationsReusableConfigsListCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsReusableConfigsListCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsReusableConfigsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	if c.ifNoneMatch_ != "" {
 		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/reusableConfigs")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("GET", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"parent": c.parent,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.reusableConfigs.list" call.
 // Exactly one of *ListReusableConfigsResponse or error will be non-nil.
 // Any non-2xx status code is an error. Response headers are in either
 // *ListReusableConfigsResponse.ServerResponse.Header or (if a response
 // was returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsReusableConfigsListCall) Do(opts ...googleapi.CallOption) (*ListReusableConfigsResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &ListReusableConfigsResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Lists ReusableConfigs.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/reusableConfigs",
 	//   "httpMethod": "GET",
 	//   "id": "privateca.projects.locations.reusableConfigs.list",
 	//   "parameterOrder": [
 	//     "parent"
 	//   ],
 	//   "parameters": {
 	//     "filter": {
 	//       "description": "Optional. Only include resources that match the filter in the response.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "orderBy": {
 	//       "description": "Optional. Specify how the results should be sorted.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "pageSize": {
 	//       "description": "Optional. Limit on the number of ReusableConfigs to include in the response. Further ReusableConfigs can subsequently be obtained by including the ListReusableConfigsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.",
 	//       "format": "int32",
 	//       "location": "query",
 	//       "type": "integer"
 	//     },
 	//     "pageToken": {
 	//       "description": "Optional. Pagination token, returned earlier via ListReusableConfigsResponse.next_page_token.",
 	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "parent": {
 	//       "description": "Required. The resource name of the location associated with the ReusableConfigs, in the format `projects/*/locations/*`.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+parent}/reusableConfigs",
 	//   "response": {
 	//     "$ref": "ListReusableConfigsResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // Pages invokes f for each page of results.
 // A non-nil error returned from f will halt the iteration.
 // The provided context supersedes any context provided to the Context method.
 func (c *ProjectsLocationsReusableConfigsListCall) Pages(ctx context.Context, f func(*ListReusableConfigsResponse) error) error {
 	c.ctx_ = ctx
 	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
 	for {
 		x, err := c.Do()
 		if err != nil {
 			return err
 		}
 		if err := f(x); err != nil {
 			return err
 		}
 		if x.NextPageToken == "" {
 			return nil
 		}
 		c.PageToken(x.NextPageToken)
 	}
 }

 // method id "privateca.projects.locations.reusableConfigs.setIamPolicy":

 type ProjectsLocationsReusableConfigsSetIamPolicyCall struct {
 	s                   *Service
 	resource            string
 	setiampolicyrequest *SetIamPolicyRequest
 	urlParams_          gensupport.URLParams
 	ctx_                context.Context
 	header_             http.Header
 }

 // SetIamPolicy: Sets the access control policy on the specified
 // resource. Replaces any existing policy. Can return `NOT_FOUND`,
 // `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
 func (r *ProjectsLocationsReusableConfigsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsReusableConfigsSetIamPolicyCall {
 	c := &ProjectsLocationsReusableConfigsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	c.setiampolicyrequest = setiampolicyrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsReusableConfigsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsReusableConfigsSetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsReusableConfigsSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsReusableConfigsSetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsReusableConfigsSetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsReusableConfigsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:setIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.reusableConfigs.setIamPolicy" call.
 // Exactly one of *Policy or error will be non-nil. Any non-2xx status
 // code is an error. Response headers are in either
 // *Policy.ServerResponse.Header or (if a response was returned at all)
 // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 // check whether the returned error was because http.StatusNotModified
 // was returned.
 func (c *ProjectsLocationsReusableConfigsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/reusableConfigs/{reusableConfigsId}:setIamPolicy",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.reusableConfigs.setIamPolicy",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/reusableConfigs/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:setIamPolicy",
 	//   "request": {
 	//     "$ref": "SetIamPolicyRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }

 // method id "privateca.projects.locations.reusableConfigs.testIamPermissions":

 type ProjectsLocationsReusableConfigsTestIamPermissionsCall struct {
 	s                         *Service
 	resource                  string
 	testiampermissionsrequest *TestIamPermissionsRequest
 	urlParams_                gensupport.URLParams
 	ctx_                      context.Context
 	header_                   http.Header
 }

 // TestIamPermissions: Returns permissions that a caller has on the
 // specified resource. If the resource does not exist, this will return
 // an empty set of permissions, not a `NOT_FOUND` error. Note: This
 // operation is designed to be used for building permission-aware UIs
 // and command-line tools, not for authorization checking. This
 // operation may "fail open" without warning.
 func (r *ProjectsLocationsReusableConfigsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsReusableConfigsTestIamPermissionsCall {
 	c := &ProjectsLocationsReusableConfigsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.resource = resource
 	c.testiampermissionsrequest = testiampermissionsrequest
 	return c
 }

 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
 func (c *ProjectsLocationsReusableConfigsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsReusableConfigsTestIamPermissionsCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }

 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
 func (c *ProjectsLocationsReusableConfigsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsReusableConfigsTestIamPermissionsCall {
 	c.ctx_ = ctx
 	return c
 }

 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
 func (c *ProjectsLocationsReusableConfigsTestIamPermissionsCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }

 func (c *ProjectsLocationsReusableConfigsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210211")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
 	c.urlParams_.Set("prettyPrint", "false")
 	urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:testIamPermissions")
 	urls += "?" + c.urlParams_.Encode()
 	req, err := http.NewRequest("POST", urls, body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }

 // Do executes the "privateca.projects.locations.reusableConfigs.testIamPermissions" call.
 // Exactly one of *TestIamPermissionsResponse or error will be non-nil.
 // Any non-2xx status code is an error. Response headers are in either
 // *TestIamPermissionsResponse.ServerResponse.Header or (if a response
 // was returned at all) in error.(*googleapi.Error).Header. Use
 // googleapi.IsNotModified to check whether the returned error was
 // because http.StatusNotModified was returned.
 func (c *ProjectsLocationsReusableConfigsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
 		if res.Body != nil {
 			res.Body.Close()
 		}
 		return nil, &googleapi.Error{
 			Code:   res.StatusCode,
 			Header: res.Header,
 		}
 	}
 	if err != nil {
 		return nil, err
 	}
 	defer googleapi.CloseBody(res)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
 	ret := &TestIamPermissionsResponse{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
 		},
 	}
 	target := &ret
 	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
 	// {
 	//   "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.",
 	//   "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/reusableConfigs/{reusableConfigsId}:testIamPermissions",
 	//   "httpMethod": "POST",
 	//   "id": "privateca.projects.locations.reusableConfigs.testIamPermissions",
 	//   "parameterOrder": [
 	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "resource": {
 	//       "description": "REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.",
 	//       "location": "path",
 	//       "pattern": "^projects/[^/]+/locations/[^/]+/reusableConfigs/[^/]+$",
 	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
 	//   "path": "v1beta1/{+resource}:testIamPermissions",
 	//   "request": {
 	//     "$ref": "TestIamPermissionsRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "TestIamPermissionsResponse"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform"
 	//   ]
 	// }

 }