1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
|
type: google.api.Service
config_version: 3
name: servicemanagement.googleapis.com
title: Service Management API
apis:
- name: google.api.servicemanagement.v1.ServiceManager
types:
- name: google.api.servicemanagement.v1.ConfigRef
- name: google.api.servicemanagement.v1.ConfigSource
- name: google.api.servicemanagement.v1.OperationMetadata
- name: google.api.servicemanagement.v1.Rollout
- name: google.api.servicemanagement.v1.SubmitConfigSourceResponse
- name: google.api.servicemanagement.v1.UndeleteServiceResponse
documentation:
summary: |-
Google Service Management allows service producers to publish their
services on Google Cloud Platform so that they can be discovered and used
by service consumers.
overview: |-
Google Service Management manages a set of *services*. Service Management
allows *service producers* to
publish their services on Google Cloud Platform so that they can be
discovered and used by *service consumers*. It also handles the tasks of
tracking
service lifecycle and programming various backend systems -- such as
[Stackdriver Logging](https://cloud.google.com/stackdriver),
[Stackdriver Monitoring](https://cloud.google.com/stackdriver) -- to
support the managed services.
If you are a service producer, you can use the Google Service Management
API and [Google Cloud SDK (gcloud)](https://cloud.google.com/sdk) to
publish and manage your services. Each managed service has a service
configuration which declares various aspects of the service such as its
API surface, along with parameters to configure the supporting
backend
systems, such as logging and monitoring. If you build your service using
[Google Cloud Endpoints](https://cloud.google.com/endpoints/), the service
configuration will be handled automatically.
If you are a service consumer and want to use a managed service, you can
use the Google Service Management API or [Google Cloud
Console](https://console.cloud.google.com) to activate the service for
your [Google developer
project](https://developers.google.com/console/help/new/), then start
using its APIs and functions.
## Managed services
REST URL:
`https://servicemanagement.googleapis.com/v1/services/{service-name}` <br
/> REST schema is defined
[here](https://cloud.google.com/service-management/reference/rest/v1/services). A
managed service refers to a network service managed by
Service Management. Each managed service has a unique name, such as
`example.googleapis.com`, which must be a valid fully-qualified DNS name,
as per RFC 1035.
A managed service typically provides some REST APIs and/or other
functions to their service consumers, such as mobile apps or cloud
services.
Service producers can use methods, such as
[services.create](https://cloud.google.com/service-management/reference/rest/v1/services/create), [services.delete](https://cloud.google.com/service-management/reference/rest/v1/services/delete), [services.undelete](https://cloud.google.com/service-management/reference/rest/v1/services/undelete), to
manipulate their managed services.
## Service producers
A service producer is the Google developer project responsible for
publishing and maintaining a managed service. Each managed service is
owned by exactly one service producer.
## Service consumers
A service consumer is a Google developer project that has enabled and can
invoke APIs on a managed service. A managed service can have many service
consumers.
## Service configuration
REST URL:
`https://servicemanagement.googleapis.com/v1/services/{service-name}/configs/{config_id}`
<br /> REST schema is defined
[here](https://cloud.google.com/service-management/reference/rest/v1/services.configs). Each
managed service is described by a service configuration which covers a
wide range of features, including its name, title, RPC API
definitions,
REST API definitions, documentation, authentication, and more.
To change the configuration of a managed service, the service producer
needs to publish an updated service configuration to Service
Management.
Service Management keeps a history of published
service configurations, making it possible to easily retrace how a
service's configuration evolved over time. Service configurations can be
published
using the [services.configs.create](https://cloud.google.com/service-management/reference/rest/v1/services.configs/create) or
[services.configs.submit](https://cloud.google.com/service-management/reference/rest/v1/services.configs/submit) methods. Alternatively,
`services.configs.submit` allows publishing an
[OpenAPI](https://github.com/OAI/OpenAPI-Specification) specification,
formerly known as the Swagger Specification, which is automatically
converted to a corresponding service configuration.
## Service rollout
REST URL:
`https://servicemanagement.googleapis.com/v1/services/{service-name}/rollouts/{rollout-id}`
<br /> REST schema is defined
[here](https://cloud.google.com/service-management/reference/rest/v1/services.rollouts). A
`Rollout` defines how Google Service Management should deploy service
configurations to backend systems and how the configurations take effect
at runtime. It lets service producers specify multiple service
configuration
versions to be deployed together, and a strategy that indicates how they
should be used.
Updating a managed service's configuration can be dangerous, as a
configuration error can lead to a service outage. To mitigate risks,
Service Management
supports gradual rollout of service configuration changes. This feature
gives service producers time to identity potential issues and rollback
service
configuration changes in case of errors, thus minimizing the customer
impact of bad configurations. For example, you could specify that 5% of
traffic uses configuration 1, while the remaining 95% uses configuration
2.
Service Management keeps a history of rollouts so that service
producers can undo to previous configuration versions. You can rollback a
configuration by initiating a new `Rollout` that clones a previously
submitted rollout record.
rules:
- selector: google.iam.v1.IAMPolicy.GetIamPolicy
description: |-
Gets the access control policy for a resource. Returns an empty policy
if the resource exists and does not have a policy set.
- selector: google.iam.v1.IAMPolicy.SetIamPolicy
description: |-
Sets the access control policy on the specified resource. Replaces
any existing policy.
Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`
errors.
- selector: google.iam.v1.IAMPolicy.TestIamPermissions
description: |-
Returns permissions that a caller has on the specified resource. If the
resource does not exist, this will return an empty set of
permissions, not a `NOT_FOUND` error.
Note: This operation is designed to be used for building
permission-aware UIs and command-line tools, not for authorization
checking. This operation may "fail open" without warning.
- selector: google.longrunning.Operations.ListOperations
description: Lists service operations that match the specified filter in the request.
backend:
rules:
- selector: 'google.api.servicemanagement.v1.ServiceManager.*'
deadline: 10.0
- selector: google.api.servicemanagement.v1.ServiceManager.CreateServiceConfig
deadline: 20.0
- selector: 'google.iam.v1.IAMPolicy.*'
deadline: 10.0
- selector: 'google.longrunning.Operations.*'
deadline: 10.0
http:
rules:
- selector: google.iam.v1.IAMPolicy.GetIamPolicy
post: '/v1/{resource=services/*}:getIamPolicy'
body: '*'
additional_bindings:
- post: '/v1/{resource=services/*/consumers/*}:getIamPolicy'
body: '*'
- selector: google.iam.v1.IAMPolicy.SetIamPolicy
post: '/v1/{resource=services/*}:setIamPolicy'
body: '*'
additional_bindings:
- post: '/v1/{resource=services/*/consumers/*}:setIamPolicy'
body: '*'
- selector: google.iam.v1.IAMPolicy.TestIamPermissions
post: '/v1/{resource=services/*}:testIamPermissions'
body: '*'
additional_bindings:
- post: '/v1/{resource=services/*/consumers/*}:testIamPermissions'
body: '*'
- selector: google.longrunning.Operations.ListOperations
get: /v1/operations
authentication:
rules:
- selector: 'google.api.servicemanagement.v1.ServiceManager.*'
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/service.management
- selector: google.api.servicemanagement.v1.ServiceManager.GetService
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: google.api.servicemanagement.v1.ServiceManager.GetServiceConfig
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: google.api.servicemanagement.v1.ServiceManager.GetServiceRollout
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: google.api.servicemanagement.v1.ServiceManager.ListServiceConfigs
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: google.api.servicemanagement.v1.ServiceManager.ListServiceRollouts
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: google.api.servicemanagement.v1.ServiceManager.ListServices
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: google.iam.v1.IAMPolicy.GetIamPolicy
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: google.iam.v1.IAMPolicy.SetIamPolicy
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/service.management
- selector: google.iam.v1.IAMPolicy.TestIamPermissions
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/cloud-platform.read-only,
https://www.googleapis.com/auth/service.management,
https://www.googleapis.com/auth/service.management.readonly
- selector: 'google.longrunning.Operations.*'
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/service.management
|
